urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Submission: On October 01 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 14 countries across 121 domains to perform 637 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 601985.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
1 66 172.217.194.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
23 104.26.2.91 13335 (CLOUDFLAR...)
58 74.125.24.154 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
14 74.125.24.155 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
12 142.251.10.155 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
4 142.251.12.102 15169 (GOOGLE)
2 18 142.250.4.155 15169 (GOOGLE)
2 7 103.229.10.211 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
8 15 104.254.151.36 29990 (ASN-APPNEX)
3 51.79.234.101 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.223.235.65 16509 (AMAZON-02)
7 20 145.40.88.5 54825 (PACKET)
2 12 35.244.159.8 15169 (GOOGLE)
9 26 104.18.19.126 13335 (CLOUDFLAR...)
4 13.112.222.132 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 184.25.221.62 16625 (AKAMAI-AS)
1 35.213.111.127 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 52.74.101.6 16509 (AMAZON-02)
2 74.125.130.156 15169 (GOOGLE)
6 142.251.12.155 15169 (GOOGLE)
2 13.33.33.38 16509 (AMAZON-02)
1 13.33.33.43 16509 (AMAZON-02)
2 172.217.194.95 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.86 16509 (AMAZON-02)
2 142.251.12.94 15169 (GOOGLE)
1 12 74.125.24.105 15169 (GOOGLE)
16 184.25.248.23 16625 (AKAMAI-AS)
2 42.99.140.216 4637 (ASN-TELST...)
18 184.25.220.23 16625 (AKAMAI-AS)
6 142.251.10.156 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 1 202.232.238.37 2497 (IIJ Inter...)
25 64 172.253.118.154 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
7 8 185.84.60.29 198622 (ADFORM)
1 1 150.95.47.241 7506 (INTERQ GM...)
4 11 35.71.178.8 16509 (AMAZON-02)
1 1 18.179.72.109 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.82 16276 (OVH)
13 14 35.71.131.137 16509 (AMAZON-02)
7 7 103.229.206.241 30419 (MEDIAMATH...)
2 2 66.155.71.150 13768 (COGECO-PEER1)
19 21 35.213.12.39 15169 (GOOGLE)
6 6 35.227.202.26 15169 (GOOGLE)
4 5 107.178.244.193 15169 (GOOGLE)
2 2 18.155.68.101 16509 (AMAZON-02)
3 3 13.214.106.63 16509 (AMAZON-02)
3 3 124.146.215.42 2514 (INFOSPHER...)
13 14 64.202.112.255 23352 (SERVERCEN...)
4 16 184.25.249.212 16625 (AKAMAI-AS)
8 142.250.4.148 15169 (GOOGLE)
14 34.149.43.113 15169 (GOOGLE)
4 4 35.186.193.173 15169 (GOOGLE)
4 7 213.180.193.90 13238 (YANDEX)
3 74.125.130.154 15169 (GOOGLE)
5 182.161.73.136 55569 (CRITEO-AS...)
1 23.44.1.2 16625 (AKAMAI-AS)
3 11 23.15.148.136 16625 (AKAMAI-AS)
1 52.84.45.7 16509 (AMAZON-02)
1 23.44.0.183 16625 (AKAMAI-AS)
2 4 54.69.10.121 16509 (AMAZON-02)
3 3 50.116.239.135 6336 (TURN-US-ASN)
2 2 13.33.88.20 16509 (AMAZON-02)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
3 6 18.142.166.252 16509 (AMAZON-02)
3 6 52.46.130.91 16509 (AMAZON-02)
1 204.79.197.200 8068 (MICROSOFT...)
4 4 104.119.104.208 16625 (AKAMAI-AS)
2 2 198.8.71.129 54312 (ROCKETFUEL)
4 23.44.0.196 16625 (AKAMAI-AS)
11 13 74.118.186.45 26120 (RHYTHMONE)
3 3 13.213.209.254 16509 (AMAZON-02)
1 3 182.161.73.146 55569 (CRITEO-AS...)
2 2 35.156.36.186 16509 (AMAZON-02)
2 50.16.238.86 14618 (AMAZON-AES)
1 104.19.158.19 13335 (CLOUDFLAR...)
1 104.21.41.253 13335 (CLOUDFLAR...)
6 6 52.74.162.2 16509 (AMAZON-02)
11 14 69.173.158.64 26667 (RUBICONPR...)
3 3 37.157.5.142 198622 (ADFORM)
7 7 3.92.9.222 14618 (AMAZON-AES)
1 1 23.106.127.165 59253 (LEASEWEB-...)
5 8 103.231.98.197 62713 (AS-PUBMATIC)
4 8 67.199.150.85 62713 (AS-PUBMATIC)
2 6 104.18.18.126 13335 (CLOUDFLAR...)
4 4 209.191.163.209 32475 (SINGLEHOP...)
1 52.209.60.98 16509 (AMAZON-02)
1 67.199.150.77 62713 (AS-PUBMATIC)
1 46.137.211.219 16509 (AMAZON-02)
1 143.198.114.225 14061 (DIGITALOC...)
1 3.224.71.39 14618 (AMAZON-AES)
1 4 67.199.150.81 3257 (GTT-BACKB...)
2 3 52.95.126.160 16509 (AMAZON-02)
2 54.168.48.215 16509 (AMAZON-02)
2 4 23.106.127.52 59253 (LEASEWEB-...)
1 3 23.20.206.0 14618 (AMAZON-AES)
14 34.251.200.30 16509 (AMAZON-02)
2 2 209.191.163.210 32475 (SINGLEHOP...)
1 19 13.112.54.241 16509 (AMAZON-02)
3 3 72.34.250.75 27630 (AS-XFERNET)
1 18.142.38.64 16509 (AMAZON-02)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 104.18.12.76 13335 (CLOUDFLAR...)
4 209.197.3.19 20446 (STACKPATH...)
4 12 67.199.150.86 62713 (AS-PUBMATIC)
4 151.101.130.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 103.3.63.48 63949 (LINODE-AP...)
2 6 103.231.98.194 62713 (AS-PUBMATIC)
1 202.131.200.84 17941 (BIT-ISLE ...)
1 18.176.32.10 16509 (AMAZON-02)
6 6 35.213.93.179 15169 (GOOGLE)
2 2 52.74.118.249 16509 (AMAZON-02)
1 2 151.101.193.44 54113 (FASTLY)
1 2 104.18.35.11 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 104.19.172.108 13335 (CLOUDFLAR...)
2 169.197.150.8 398989 (DEEPINTENT)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 35.247.47.28 396982 (GOOGLE-CL...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 3 104.254.150.228 29990 (ASN-APPNEX)
2 2 89.207.22.140 41041 (VCLK-EU-SE)
2 2 18.176.21.36 16509 (AMAZON-02)
1 54.186.254.183 16509 (AMAZON-02)
1 1 80.77.87.163 46636 (NATCOWEB)
1 52.220.40.119 16509 (AMAZON-02)
34 205.185.216.10 20446 (STACKPATH...)
3 3 38.133.127.159 22075 (AS-OUTBRAIN)
1 1 54.243.184.83 14618 (AMAZON-AES)
1 1 52.87.71.254 14618 (AMAZON-AES)
1 150.136.26.45 31898 (ORACLE-BM...)
2 2 18.180.216.240 16509 (AMAZON-02)
1 1 74.214.196.131 19189 (PULSEPOINT)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 69.173.151.100 26667 (RUBICONPR...)
6 18.136.78.69 16509 (AMAZON-02)
4 184.25.220.49 16625 (AKAMAI-AS)
1 172.217.194.94 15169 (GOOGLE)
1 1 35.186.253.211 15169 (GOOGLE)
1 1 54.95.110.129 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
1 2 52.76.92.197 16509 (AMAZON-02)
8 8 142.251.12.148 15169 (GOOGLE)
637 116
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
66    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com
318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com
tpc.googlesyndication.com
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
23    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
58    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
14    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
12    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-22584574612209393543.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
4    142.251.12.102 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f102.1e100.net
www.google-analytics.com
18    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
7    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.88.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    34.223.235.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-235-65.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
20    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
26    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    13.112.222.132 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-222-132.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    184.25.221.62 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-221-62.deploy.static.akamaitechnologies.com
a.teads.tv
1    35.213.111.127 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 127.111.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.74.101.6 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-101-6.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
2    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
partner.googleadservices.com
6    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com.au
2    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
adx.holmesmind.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-86.sin2.r.cloudfront.net
pxl.qccerttest.com
2    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
12    74.125.24.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net
www.google.com
16    184.25.248.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
2    42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net
qsearch-a.akamaihd.net
18    184.25.220.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-220-23.deploy.static.akamaitechnologies.com
contextual.media.net
6    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
www.googletagservices.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    202.232.238.37 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
64    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
cm.g.doubleclick.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    150.95.47.241 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-241.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    18.179.72.109 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-72-109.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
21    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
5    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    18.155.68.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-101.sin52.r.cloudfront.net
aa.agkn.com
3    13.214.106.63 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-106-63.ap-southeast-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
3    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
14    64.202.112.255 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
16    184.25.249.212 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-249-212.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
8    142.250.4.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f148.1e100.net
s0.2mdn.net
14    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
7    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.44.1.2 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-2.deploy.static.akamaitechnologies.com
js-sec.indexww.com
11    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    52.84.45.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-7.mrs52.r.cloudfront.net
public.servenobid.com
1    23.44.0.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    54.69.10.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-10-121.us-west-2.compute.amazonaws.com
adobe.demdex.net
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.102.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
6    18.142.166.252 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-166-252.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    104.119.104.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-104-208.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.44.0.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    13.213.209.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-209-254.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    35.156.36.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-36-186.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    50.16.238.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-238-86.compute-1.amazonaws.com
cs.emxdgt.com
1    104.19.158.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    104.21.41.253 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
6    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
14    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
7    3.92.9.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-9-222.compute-1.amazonaws.com
ssp.disqus.com
1    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
8    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    67.199.150.85 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
4    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    52.209.60.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-60-98.eu-west-1.compute.amazonaws.com
c.deployads.com
1    67.199.150.77 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    46.137.211.219 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-211-219.ap-southeast-1.compute.amazonaws.com
pb-server.ezoic.com
1    143.198.114.225 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
pb.vuukle.com
1    3.224.71.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-71-39.compute-1.amazonaws.com
pbs.nextmillmedia.com
4    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.168.48.215 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-48-215.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3    23.20.206.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-206-0.compute-1.amazonaws.com
x.yieldlift.com
14    34.251.200.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
19    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
3    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    18.142.38.64 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-38-64.ap-southeast-1.compute.amazonaws.com
d.adroll.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
12    67.199.150.86 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
gocm.c.appier.net
6    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    18.176.32.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
6    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
2    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    104.18.35.11 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    104.19.172.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    89.207.22.140 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-login-ds.dotomi.com
pubmatic-match.dotomi.com
2    18.176.21.36 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-21-36.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    54.186.254.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-254-183.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    52.220.40.119 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
34    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
3    38.133.127.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    54.243.184.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-184-83.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.87.71.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-71-254.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    18.180.216.240 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-216-240.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    18.136.78.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
d9.flashtalking.com
4    184.25.220.49 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-220-49.deploy.static.akamaitechnologies.com
secure.flashtalking.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.gstatic.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    54.95.110.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-110-129.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    52.76.92.197 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-92-197.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
8    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
ad.doubleclick.net
Apex Domain
Subdomains		 Transfer
114 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com
318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 273
1 MB
101 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299
ad.doubleclick.net — Cisco Umbrella Rank: 163
642 KB
48 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 827
cdn.flashtalking.com — Cisco Umbrella Rank: 1114
d9.flashtalking.com — Cisco Umbrella Rank: 1628
secure.flashtalking.com — Cisco Umbrella Rank: 2411
415 KB
43 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 457
image8.pubmatic.com — Cisco Umbrella Rank: 596
image4.pubmatic.com — Cisco Umbrella Rank: 853
ow.pubmatic.com — Cisco Umbrella Rank: 2644
image6.pubmatic.com — Cisco Umbrella Rank: 647
simage2.pubmatic.com — Cisco Umbrella Rank: 686
image2.pubmatic.com — Cisco Umbrella Rank: 904
simage4.pubmatic.com — Cisco Umbrella Rank: 1185
49 KB
35 media.net
prebid.media.net — Cisco Umbrella Rank: 1147
hblg.media.net — Cisco Umbrella Rank: 1594
contextual.media.net — Cisco Umbrella Rank: 560
warp.media.net — Cisco Umbrella Rank: 2302
lg3.media.net — Cisco Umbrella Rank: 3952
cs.media.net — Cisco Umbrella Rank: 1341
341 KB
32 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 481
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum.casalemedia.com — Cisco Umbrella Rank: 1327
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429
dsum.casalemedia.com — Cisco Umbrella Rank: 1323
26 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
fastlane.rubiconproject.com — Cisco Umbrella Rank: 465
eus.rubiconproject.com — Cisco Umbrella Rank: 557
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 903
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 806
54 KB
30 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 468
rtb0.doubleverify.com — Cisco Umbrella Rank: 676
tps.doubleverify.com — Cisco Umbrella Rank: 472
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 13895
483 KB
24 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
6 KB
24 bg3.co
www.bg3.co — Cisco Umbrella Rank: 601985
static.bg3.co
419 KB
22 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 930
x.bidswitch.net — Cisco Umbrella Rank: 288
10 KB
21 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1362
usersync.gumgum.com — Cisco Umbrella Rank: 2029
rtb.gumgum.com — Cisco Umbrella Rank: 1016
7 KB
21 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 925
assets.a-mo.net — Cisco Umbrella Rank: 3138
9 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 593
secure.adnxs.com — Cisco Umbrella Rank: 428
45 KB
15 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1671 Failed
public.servenobid.com — Cisco Umbrella Rank: 3450
9 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
341 KB
14 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 532
8 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
7 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13577
u.openx.net — Cisco Umbrella Rank: 641
us-u.openx.net — Cisco Umbrella Rank: 394
jp-u.openx.net — Cisco Umbrella Rank: 10620
rtb.openx.net — Cisco Umbrella Rank: 1470
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 14921
e3.adpushup.com — Cisco Umbrella Rank: 16219
aplogger.adpushup.com — Cisco Umbrella Rank: 15729
217 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
ups.analytics.yahoo.com — Cisco Umbrella Rank: 282
5 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 376
5 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
cm.adform.net — Cisco Umbrella Rank: 1501
5 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
5 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1216
6 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 728
gum.criteo.com — Cisco Umbrella Rank: 402
dis.criteo.com — Cisco Umbrella Rank: 665
9 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 268
311 KB
7 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1702
3 KB
7 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2395
1 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 441
4 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 103730
2 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 922
pixel.quantserve.com — Cisco Umbrella Rank: 417
cms.quantserve.com — Cisco Umbrella Rank: 979
12 KB
6 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2183
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 918
4 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 924
866 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
262 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 32100
sync.aralego.com — Cisco Umbrella Rank: 2902
4 KB
5 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1741
ssbsync.smartadserver.com — Cisco Umbrella Rank: 832
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
2 KB
5 demdex.net
adobe.demdex.net — Cisco Umbrella Rank: 3818
dpm.demdex.net — Cisco Umbrella Rank: 211
4 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 430
774 B
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 537
358 B
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1165
2 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 480
3 KB
4 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 23644
720 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
565 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9124
45 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 810
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 329
570 B
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 980
2 KB
3 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3498
742 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 727
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 746
1 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1195
3 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3547
ad.360yield.com — Cisco Umbrella Rank: 671
986 B
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
74 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 708
856 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1041
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 648
700 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4515
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 479
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3077
743 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 815
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 723
718 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 863
60 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
32 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 2173
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 690
match.taboola.com — Cisco Umbrella Rank: 2703
562 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1400
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
1 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 981
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 898
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 488
476 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25058
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
cdn.indexww.com — Cisco Umbrella Rank: 1368
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 455
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 573
978 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 456
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2059
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
57 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1603
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 359293
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
1008 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
75 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 663
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15435
11 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3202
421 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
664 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1181
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 886
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
581 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 538
280 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1299
686 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3648
462 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4438
390 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5768
277 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19845
220 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2735
243 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2208
395 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 26232
650 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1483
181 B
1 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 4346
455 B
1 vuukle.com
pb.vuukle.com — Cisco Umbrella Rank: 7535
471 B
1 ezoic.com
pb-server.ezoic.com — Cisco Umbrella Rank: 5580
454 B
1 deployads.com
c.deployads.com — Cisco Umbrella Rank: 3527
297 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3280
508 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
668 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 117608
568 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 112069
403 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2295
174 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 58082
716 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 993
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 861
681 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1254
360 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4130
517 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
2 KB
1 ampproject.net
d-22584574612209393543.ampproject.net
0 atdmt.com Failed
ad.atdmt.com Failed
637 121
Domain Requested by
64 cm.g.doubleclick.net 25 redirects googleads.g.doubleclick.net
www.bg3.co
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
62 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
www.bg3.co
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
www.googletagservices.com
45 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
34 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
www.bg3.co
23 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
23 static.bg3.co www.bg3.co
21 x.bidswitch.net 19 redirects prebid.a-mo.net
20 prebid.a-mo.net 7 redirects cdn.adpushup.com
prebid.a-mo.net
ads.pubmatic.com
19 usersync.gumgum.com 1 redirects public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
18 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
ads.pubmatic.com
eus.rubiconproject.com
17 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.bg3.co
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
16 cdn.doubleverify.com 4 redirects eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.flashtalking.com
www.bg3.co
15 ib.adnxs.com 8 redirects cdn.adpushup.com
googleads.g.doubleclick.net
prebid.a-mo.net
acdn.adnxs.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
googleads.g.doubleclick.net
14 b1sync.zemanta.com 13 redirects www.bg3.co
14 match.adsrvr.org 13 redirects cdn.adpushup.com
14 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
12 simage2.pubmatic.com 4 redirects ads.pubmatic.com
12 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
12 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.bg3.co
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
10 pixel.rubiconproject.com 7 redirects www.bg3.co
10 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
9 sync.1rx.io 9 redirects
8 ad.doubleclick.net 8 redirects
8 tpsc-ae1.doubleverify.com eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
cdn.doubleverify.com
8 image8.pubmatic.com 5 redirects ads.pubmatic.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 s0.2mdn.net www.bg3.co
s0.2mdn.net
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
8 c1.adform.net 7 redirects ads.pubmatic.com
7 ssp.disqus.com 7 redirects
7 an.yandex.ru 4 redirects www.bg3.co
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
7 sync.mathtag.com 7 redirects
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
6 a.sportradarserving.com 6 redirects
6 image2.pubmatic.com 2 redirects ads.pubmatic.com
6 image4.pubmatic.com 4 redirects ads.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 s.amazon-adsystem.com 3 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 odr.mookie1.com 6 redirects
6 www.googletagservices.com googleads.g.doubleclick.net
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
6 e3.adpushup.com www.bg3.co
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
5 us-u.openx.net 2 redirects u.openx.net
5 gum.criteo.com cdn.adpushup.com
contextual.media.net
static.criteo.net
gum.criteo.com
5 pixel.tapad.com 4 redirects public.servenobid.com
5 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
5 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 tps.doubleverify.com cdn.doubleverify.com
4 secure.flashtalking.com eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
cdn.flashtalking.com
4 sync-tm.everesttech.net ads.pubmatic.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
4 servedby.flashtalking.com eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
4 token.rubiconproject.com 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 ap.lijit.com 4 redirects
4 sync.targeting.unrulymedia.com 2 redirects ads.pubmatic.com
g2.gumgum.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 stags.bluekai.com 4 redirects
4 adobe.demdex.net 2 redirects eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
4 ipac.ctnsnet.com 4 redirects
4 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
4 cs.media.net contextual.media.net
4 eae788224dba35857150c6163776964a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 adpushup-d.openx.net cdn.adpushup.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync.outbrain.com 3 redirects
3 secure.adnxs.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 sync.go.sonobi.com 3 redirects
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 cm.adform.net 3 redirects
3 dis.criteo.com 1 redirects contextual.media.net
ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 ad.turn.com 3 redirects
3 tg.socdm.com 3 redirects
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 sync.crwdcntrl.net 1 redirects public.servenobid.com
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 simage4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 pool.admedo.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
2 match.prod.bidr.io 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 pippio.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 csync.loopme.me ads.pubmatic.com
ssbsync.smartadserver.com
2 cm.adgrx.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 googleads4.g.doubleclick.net www.bg3.co
2 rtb0.doubleverify.com cdn.doubleverify.com
2 match.360yield.com 2 redirects
2 aa.agkn.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 warp.media.net googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net www.bg3.co
2 fonts.gstatic.com fonts.googleapis.com
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 ade.googlesyndication.com www.bg3.co
1 cc.adingo.jp 1 redirects
1 rtb.openx.net 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ad.360yield.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.sharethrough.com ssbsync.smartadserver.com
1 cs.admanmedia.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 g2.gumgum.com public.servenobid.com
1 pbs.nextmillmedia.com prebid.a-mo.net
1 pb.vuukle.com prebid.a-mo.net
1 pb-server.ezoic.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 c.deployads.com prebid.a-mo.net
1 ssum.casalemedia.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com prebid.a-mo.net
1 assets.a-mo.net prebid.a-mo.net
1 c.bing.com eb2.3lift.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 google.dap.fw-ad.jp 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 sync.fout.jp 1 redirects
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-22584574612209393543.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 ad.atdmt.com Failed eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
637 191

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.deployads.com
Amazon		 2022-05-05 -
2023-06-03		 a year crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-11 -
2023-05-18		 a year crt.sh
pb.vuukle.com
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
pbs.nextmillmedia.com
Amazon		 2022-07-13 -
2023-08-11		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2022-07-25 -
2023-08-26		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh

This page contains 108 frames:

Primary Page: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Frame ID: EB65F2F88ACFF6AE572D38566FAA6183
Requests: 105 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 80EF714D46A499798A601167EC20727F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 02828DA67C082F851494B85ACF08CAA6
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 99AD7BFBA0D64C61F65DB36945EE976F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 9CCB787E50D47055E68C6D94D6B6A023
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: CB255C24FDE92796A0A56142D237865A
Requests: 14 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 478C3459A2A49436D60CBF56378C8B54
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 71E3FD88D338078377C43D60F56CD04D
Requests: 8 HTTP requests in this frame

Frame: https://4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DD5C7674BE099E3B19A3B73BC7AFDDAD
Requests: 1 HTTP requests in this frame

Frame: https://318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 77FE8227D5CE0BC328B70E96DE20C38F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A6EAF9DB6F0D2BC2CA5884439823C90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61D8E653BE08582724102475765308C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0284104C495A038DA30FC01456277A07
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 096FC88860B1BB444DFE77786E227EF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Frame ID: 462AC6BF198304D13C8EAC032003A2A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Frame ID: 98F8555F5C33575CB24ECE86E56557B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvtJprSQ4Y7a-J6G_vcAP9ZyFqAis1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEuQFP0OlCtlHEJOBcD7CfbSAozDBRMWuOTXcmFt5yyZQRd8--lEBGIzBBZDT_lQv4xyd_grPN0SXImrZK4xivGJU2tfwEK5A-DWJYmsXekEBjtX7vLav7CWXQPsRnjAJ_a2Bqa9PCySpgI6w8c6sCWzu4MY2iIHw970nkYdJEMCOuitIsKA2DU_O5VUALGZD_NcoJ3Dgn3RDhlwyW9x_bqTdgBZZoWDIZOefo1ZpIw_myUGYwvCwtfMnyF4AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=pbVDBE3LU94&uach_m=[UACH]&cid=CAQSKQCsnQUxnUbHNG9r811jsIlmqy98Sgv24CZQCxA_VAVKeN3hBAjPdrQbGAEgEw
Frame ID: 0E5DF8333C2F315198128A22F77B3682
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1AQwrSQ4Y6K2K4mfn88P0NiCwAas1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0JcPz0E8Fl8vYqmg-oXXNEy4JKh3p1frRRfy_OeIN-AryFX1GeTF59oI9e3bBzep-HYSshc12ZiyzZshlTTnBvbh7VAIJDEMGmiJNvY-CnPZDuzyVEIUEBTQV6A_P2JHUV21nikm08CQGxXNJ3zRXYzNfdlWJa-ZG5JAS_8jNeJb8XGK8ZRSg89Q9Ha3x0GtBJJ41XgJyHdcprgZAfNuwESxmNjbGK6QwLbmg0cme9_tAHvHBkW9c9udM05i57t-4HaGRAy_gpR7nQEf-GerceKIQBSABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=Zt2ufnWC1vs&uach_m=[UACH]&cid=CAQSKQCsnQUxuzMRV9ikyzQK91Btc___MzDwHe_DtnhJtdn8d0SGnyv_0NooGAEgEw
Frame ID: F7A13F517853EDAE6B941B299B221373
Requests: 13 HTTP requests in this frame

Frame: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA3877A09D7F58AE864E745D6BFAE58E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: CEAB557794DD9E2170E927E4DEAB069E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41C1F6EBF4A5E277ACF60A53569E1356
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 0DCF3FBAFD351FD699F8D409452FDB0C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20D676AB212DB0887187404C612C3EF6
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: ED413DFC3722309CBC51ACCF28D2D69E
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4D0C4DB330801844222EC933A0674D8D
Requests: 4 HTTP requests in this frame

Frame: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3777F8D0529629CFF0D025F9F5304A5A
Requests: 24 HTTP requests in this frame

Frame: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EBCF123CCAAB67CE05EFE1147F0E48F2
Requests: 25 HTTP requests in this frame

Frame: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 87CFBD18A1DC08E445F8CA281FA988A8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Frame ID: 1A46B5884D6625391DDF723B02C626EF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Frame ID: DAC2FB6728C7ADB92F184549B55A85D9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Frame ID: 6C2DCFE84A1DE32671A34DE373B8C471
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 960CAA65048634B7263EAFED3BEC21FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29E5508C51F0303A5B983A230747BE9F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07944BC63C10BA492104BC1FC5E0FD9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1781B89F2F1D46E58667195DC8B7600
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B744926DD0ABD75B4CD2ACD1D5288A14
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5E3C8427135CB9321C8A79719C6C38C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAEDC4308CF379A3FE771AC726EE7379
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A544CBB32A3F1C7E8F314DDA1E2D217C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FF6F8261AA6228F1C89B669E4F144FE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6151ACF61BA39B54943F68327779DBCE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADF946AEA12023586C1D0383411D2AB9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DDAF03D885D47289B132DD5C85F8E37B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Frame ID: 3EE44CF1836332CB49FFAAA255D1B602
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6AF6E2B9189A0A05E1960484EA292E24
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DF52E81F3E0452D70C5B277945D2BA45
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 405EC13531D32BC25D56F7DB2B686EAA
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 53123B29B7061A542ED77B7E895308E4
Requests: 20 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A48340D5DB8C65B8E28BB8517DEF68E8
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664623788228
Frame ID: 5C3BD23CB038839B909E59235376C1E6
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5E0550F7B0F4C039BDE9BC20A868B192
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0FB7796CB2B03A5DCC03EEF07A0B2C3F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B8CDA2B7F8712FA5A6DE761475054DB3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: DFF7627A27352C87D09618AD7B0EB25D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=rkt&refUrl=&vid=46237939413076253916830339000V10&ovsid=1973209965569779391
Frame ID: 0C5C14AF53AAE2AA9E967A59F400C730
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Frame ID: A1CCF0E3CFB85EC84D4D1C5B7CADDF96
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5FC2750921863D6159DE2EFE923538B1
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 539104892CC2E364544FDF2EE2D443B7
Requests: 6 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F1E22EFE4576B33095B6B1E5985C22ED
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F7B5ABA0C630784FB19817A490C22A68
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F29D9358C850E8D607D9F3354E9BEC67
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 3D6844E27F0C1ACE1926A62A6A82A87C
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: C23B70F2CA6142A8256C7F8399DF659A
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: B7DD0000C0EBDD4A8FE969FD534317F4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Frame ID: C328F9DBF98C137FB38F570A656213BB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: AE343432AEE70EDB946767E106B7EBCF
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: 6F7418C810B94B5755395C8C61768317
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 141DB5DDCE636A5210F46B0CC9A050AA
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: A000F6AF725682D0030F58B19148DF7A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B758744AC9464154DEBE148D06135AEC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=100209cc1f2c4b7387ee01622b6005ea
Frame ID: F9DBF8563D0CBEE1B9F431835C658810
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: A1B87CBBFE408E5155A131E6A0F3F9F6
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Frame ID: A8E68BE9F0B2C722669FA4CBD9CA0DF1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FYSE5HS21OEAGS5&gdpr=0&gdpr_consent=
Frame ID: C2D8CD2D74A648F7809C019BECA61A34
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: E68BA121280A8237C7BCFC0F13EBCB10
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4FDC2C5BF233F8A05A2035A791EE2ACC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A370C204A8C7B617E0EA8079EBAD1465
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 6BA3A02FBB444A61211B5966F133404B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 4380E45DFE0CE04A28098F3A09B9F08D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: FA31A4A45EF7490CB59CCC4A20BD746F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=pba&refUrl=&vid=46237939413076253916830339000V10&ovsid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: A48F91653DB0DBB7EA015FC7E78875F8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Frame ID: 8013ED66E185C082F804611977A6A611
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 591C970425F00D8AB37FD704D630C000
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV83MTViZmU2Ny03MTg2LTRkZWItYTY0MC1iY2Q2NzMyZWQzMWI=&gdpr=0&gdpr_consent=
Frame ID: 2363D6511D80829A311E94791B553F85
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 4225F77D3590D52A5C2DC620659C7D21
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Frame ID: 29235E904A251D1DA199AACFBD74EE9F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 3AAF8FF73D547659F7B605DD6D0DFF93
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YzgksMCo8X8AAG-4u3UAAAAA
Frame ID: 8D8D585FCC74C7DF9B6549F84305447A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YzgksIzwkGH2s7rQXrj5agAA%264758
Frame ID: 2F06F5940848C8AF419A2A764BC7E85F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=pxcF2x64uoLiTLWnoEml&pi=gumgum&tc=1
Frame ID: 6D4C839E8BC311E1F4CA12A942E6AD68
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6590E11E56F6FC9B63B55044B3A4D2FA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 958BC4607BC877044C98ADA2730BA623
Requests: 14 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155251/3972320/index.html
Frame ID: DA8166634480EA0CCEBA0755D43FAEC1
Requests: 16 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155251/3972322/index.html
Frame ID: 5C5AB9148591598880F7230BDAD646F4
Requests: 16 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: B6292E165CEF0F7C10A99DFA84C52CD9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66E8D99243F9C1D284E66D499847F508
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: D699518BDB0606E97A9B79A13D80EE83
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB207EE5F2E22CB3146FFC9B3F765D8C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 243F120757F5884DE9C08BB139B1D30D
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 800F35CDBB03345791129E450352C6FA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9269E6996E29B74460B640AE35E7FAB
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Frame ID: 0343E962CBC6D20722A020CD94802260
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
Frame ID: 0B26BEA732E7B52B586F75A16D5F9E0A
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: BE0867113F6D39D7852C71C53CBC7925
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Frame ID: 944ABC93793E1C181ED8BF16638B9C3A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 108BEAC4BC6C18ABB336B7731F967F75
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9844C182D30B647434B9424FC86DAA5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BB4CA6A0662111D62BD42F536389B6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

強尼戴普男神「激老13歲」 可能原因曝光! - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

637
Requests

75 %
HTTPS

0 %
IPv6

121
Domains

191
Subdomains

116
IPs

14
Countries

5152 kB
Transfer

14299 kB
Size

239
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 98
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664623787&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623787108&bpp=13&bdt=1526&idt=576&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=5963006542295&frm=23&ife=1&pv=2&ga_vid=1043648543.1664623788&ga_sid=1664623788&ga_hid=1754043161&ga_fc=0&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3207150296&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531705&oid=2&pvsid=914639876695818&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k9moar6jzai&fsb=1&dtd=593 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 103
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664623787&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623787196&bpp=11&bdt=1600&idt=762&shv=r20220928&mjsv=m202209270101&ptt=5&saldr=sa&correlator=5963006542295&frm=23&ife=1&pv=1&ga_vid=2090490489.1664623788&ga_sid=1664623788&ga_hid=550591865&ga_fc=0&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4151&biw=1600&bih=1200&isw=336&ish=280&ifk=672548109&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069962%2C42531706%2C31070009&oid=2&pvsid=2049278595715717&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.yvq7l5zdgx3h&btvi=1&fsb=1&dtd=782 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 132
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 194
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESELaEF6B2mLOXk8FGjO3oQwU&google_cver=1&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpzHfk4nSLKDFDfmRi8G_RKMUW8XIQKW6Pcw1yoIMYVJed_Y8Lbmjfa-11bwoZrdXLborHUma4UY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpzHfk4nSLKDFDfmRi8G_RKMUW8XIQKW6Pcw1yoIMYVJed_Y8Lbmjfa-11bwoZrdXLborHUma4UY&google_hm=QVRwX0RrV1RXdWNCNHRyZWRRdjEtcC1mSEJZ&from_google=pc1
Request Chain 196
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMkwoeH-vv7h9fqmCigiRfs&google_cver=1&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLDKbTlCFfFXdUDPRlRTWMDTcUyqw4vJJ3x5cW1ughcJFuPBjajH4T6iHTIM8CtKA7U5yIRuIE5Qg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMkwoeH-vv7h9fqmCigiRfs&google_cver=1&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLDKbTlCFfFXdUDPRlRTWMDTcUyqw4vJJ3x5cW1ughcJFuPBjajH4T6iHTIM8CtKA7U5yIRuIE5Qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLDKbTlCFfFXdUDPRlRTWMDTcUyqw4vJJ3x5cW1ughcJFuPBjajH4T6iHTIM8CtKA7U5yIRuIE5Qg
Request Chain 197
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESECmTADH3wl8OFgQZ883GZXQ&google_cver=1&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQwKobCUoUQH7pHpxsjccU6cEeYQDahoEbcZiiEPVf5McGZFy6EnhRUotSmSNJDs_8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQwKobCUoUQH7pHpxsjccU6cEeYQDahoEbcZiiEPVf5McGZFy6EnhRUotSmSNJDs_8
Request Chain 198
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELP5paSUnII92O3u2tiH_tE&google_cver=1&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1jbETOpRTe5UtwbsaKe8bm_810UlVLXmvlMhypT-hPeBjSR1iH4ErCovGk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1jbETOpRTe5UtwbsaKe8bm_810UlVLXmvlMhypT-hPeBjSR1iH4ErCovGk&google_gid=CAESELP5paSUnII92O3u2tiH_tE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1jbETOpRTe5UtwbsaKe8bm_810UlVLXmvlMhypT-hPeBjSR1iH4ErCovGk
Request Chain 199
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEL6cJi7ybLl6esYJaBo55E4&google_cver=1&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EEI5fsi0HI0Z7fCmPBg89qTH947AVUaEpVNOARVGvm62hHzq7HnrdwcCS9pxsC6HvikISY HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EEI5fsi0HI0Z7fCmPBg89qTH947AVUaEpVNOARVGvm62hHzq7HnrdwcCS9pxsC6HvikISY&google_hm=ZTg2ZGM0NTQtMjI5OC0zZTQxLTk2ZTUtODI3NmU3NjMwM2Ux
Request Chain 200
  • https://sync.inmobi.com/gob?google_gid=CAESEOT60gaGIbkSfyLVcrDzL7o&google_cver=1&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOOr1mdmsHhbRE_L0uf7A7vvpDP1I0aCej4KknhQ&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=i8ciPZzEUaVusorpnHmV&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV&google_nid=inmobi_new_eb
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NjI1MzkxNjgzMDM3MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
Request Chain 203
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Request Chain 206
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELo0eJgx-AfcQgEpHAZy29U&google_cver=1&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBlamkEOUSV-3PJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBlamkEOUSV-3PJ
Request Chain 207
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHrq5JSpkDHfQ-S-9E1EnGM&google_cver=1&google_push=AZmPxg_5e81cvOPWhiBlFuQLcyAQ9mKPzy4Ll3d0W_xgJBCNDWwAwOdW9T2kCARAvseQvW_4At4O-KTjNjkfUiLqQnenPD0rCHyX HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHrq5JSpkDHfQ-S-9E1EnGM&google_cver=1&google_push=AZmPxg_5e81cvOPWhiBlFuQLcyAQ9mKPzy4Ll3d0W_xgJBCNDWwAwOdW9T2kCARAvseQvW_4At4O-KTjNjkfUiLqQnenPD0rCHyX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=PUmmrNh-SjmzMCvnMf2Ay2M4JLA
Request Chain 208
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOb_W91qnLdkGkVfLEzR6Bs&google_cver=1&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOb_W91qnLdkGkVfLEzR6Bs&google_cver=1&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c517c859-213d-4ae2-834e-1c2a02286ba3&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524419749888161839&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524419749888161839&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=a1b328e9-f147-491b-836f-9bdb746f7b7d&ssp=google&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524419749888161839&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207510804291002756105&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6&google_hm=xRfIWSE9SuKDThwqAihrow==
Request Chain 209
  • https://match.360yield.com/match/ebda?google_gid=CAESEFd04-fN8T6Ck0K6TG12vIc&google_cver=1&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSaleJMc HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFd04-fN8T6Ck0K6TG12vIc&google_cver=1&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSaleJMc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kOM2n5eHSoaEbvCcc-LA1g&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSaleJMc
Request Chain 210
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKPSs8Ag2znvY8fzTeVxBM8&google_cver=1&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As&google_hm=WXpna3NNQ284WDhBQUctNHUzVUFBQUFB
Request Chain 211
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOkzRG1wCVzmKYEMMRbQSzU&google_cver=1&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdldKjgytqJD4cj-UoSA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOkzRG1wCVzmKYEMMRbQSzU&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdldKjgytqJD4cj-UoSA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdldKjgytqJD4cj-UoSA&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NjI1MzkxNjgzMDM4OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksIzwkGH2s7rQXrj5agAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Request Chain 261
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksJf-f6GROLXxlAQIfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Request Chain 263
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Request Chain 265
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksDGKQvl0d4Ldvmh0JwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Request Chain 267
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Request Chain 306
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExNAypDvUrNiceOZ4NyWsk&google_cver=1&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6toQPcWitC2oKmror1fSq64NBOAlCg2yT_Xj_6rSh5OSetpU_wyb9QESZOZEerrq7yKPfEaRkTz1ngiXYj8X0_uiZlbQExgn-pjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6toQPcWitC2oKmror1fSq64NBOAlCg2yT_Xj_6rSh5OSetpU_wyb9QESZOZEerrq7yKPfEaRkTz1ngiXYj8X0_uiZlbQExgn-pjA&google_hm=bpOdv-eLNpBJ9sjJN1D9dA
Request Chain 307
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFUU5vzuuww71xJs854SCXHUQW3_5hZ-B2ZeiTYhW85bGruwf_IjFXYBLnvw8J4ZGBtFUAQ_xqwHyOY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFUU5vzuuww71xJs854SCXHUQW3_5hZ-B2ZeiTYhW85bGruwf_IjFXYBLnvw8J4ZGBtFUAQ_xqwHyOY&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Request Chain 308
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we7dqCgGrtXaki_7XcCDcfQs3Ntgz6iT49J0y4p7RHogcFGWEUzOBNU2OtI7xmWb7TQJus0sm3FY7Qs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we7dqCgGrtXaki_7XcCDcfQs3Ntgz6iT49J0y4p7RHogcFGWEUzOBNU2OtI7xmWb7TQJus0sm3FY7Qs
Request Chain 309
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BKJyRCEYCXQRVl_pihXVIEXRlZ4cmO551JoImn8J6kyvtFhdijr2EApVL5fNceVSCkPPDqOU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BKJyRCEYCXQRVl_pihXVIEXRlZ4cmO551JoImn8J6kyvtFhdijr2EApVL5fNceVSCkPPDqOU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Request Chain 310
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg8dHi1nQYBjKyKeqxovO9c_pstKKA6bF_9NpkdlbStME5fIjj4VEyJE3nG-hBmb9w0ai8g0CeeL520Q9J1UCcGMZWyNWrDEmmFCW7TtHDUGYUhpyNVKlJKO3eUNgj8tSQLHRX2VjwlkFIflEN701WWE&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?redir-setuniq=1&ext-param=AZmPxg8dHi1nQYBjKyKeqxovO9c_pstKKA6bF_9NpkdlbStME5fIjj4VEyJE3nG-hBmb9w0ai8g0CeeL520Q9J1UCcGMZWyNWrDEmmFCW7TtHDUGYUhpyNVKlJKO3eUNgj8tSQLHRX2VjwlkFIflEN701WWE&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 334
  • https://adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP 302
  • https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Request Chain 335
  • https://adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP 302
  • https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Request Chain 338
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 339
  • https://match.adsrvr.org/track/cmf/openx?oxid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0&gdpr_consent=
Request Chain 340
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzgksMCo8X8AAG-4u3UAAAAA
Request Chain 341
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASSSSk06WigZks8ADsWuJsLBaM8AAAGDk09aEw
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEONs6oxGsIsxLHLNZCrJ3g8&google_cver=1
Request Chain 344
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&dongle=0cfd
Request Chain 345
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF1l9f906jnexPATSM-Z3Ik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 347
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D
Request Chain 348
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2939912386228364825663&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2939912386228364825663&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1&_expected_cookie=0b25cb0ccd6565e8e3c5612e3139cebe
Request Chain 349
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2939912386228364825663&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5401464212225013440&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c517c859-213d-4ae2-834e-1c2a02286ba3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 350
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2939912386228364825663?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xuoMfetE2oSoX1Ot.7xxmMl.sYlXbn62Gar.UOB.2A--~A&dongle=0883
Request Chain 351
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2939912386228364825663 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2939912386228364825663&dcc=t
Request Chain 353
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M5KTINDBJNXUSWLEMNTVESTNKN2DM4TJ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M5KTINDBJNXUSWLEMNTVESTNKN2DM4TJ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gU44aKoIYdcgRJmSt6ri
Request Chain 356
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 357
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Drkt%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=rkt&refUrl=&vid=46237939413076253916830339000V10&ovsid=1973209965569779391
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dapx%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=apx&refUrl=&vid=46237939413076253916830339000V10&ovsid=2072648366779668424
Request Chain 360
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dopx%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=opx&refUrl=&vid=46237939413076253916830339000V10&ovsid=a73e5c83-c7f2-4614-8c8f-4fe91d9520dd
Request Chain 361
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dmma%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=mma&refUrl=&vid=46237939413076253916830339000V10&ovsid=76ed6338-24b0-4800-bca5-671c290429af
Request Chain 362
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%5BRX_UUID%5D&cb=1664623794441 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1607245332 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/94fe3cf1-3e44-4ca9-b31e-4d20824c3f42 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DRX-399b6623-35a5-47a7-9e2f-fda9227d4571-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=r1&refUrl=&vid=46237939413076253916830339000V10&ovsid=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Request Chain 363
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=dxu&refUrl=&vid=46237939413076253916830339000V10&ovsid=FYSE5HS21OEAGS5
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=76ed6338-24b0-4800-bca5-671c290429af&expires=30&ssp=medianet&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 366
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dzem%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLHKU2DIYKLN5EVSZDDM5JEU3KTOQ3HE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DMMRTG44TGOJUGEZTANZWGI2TGOJRGY4DGMBTGM4TAMBQKYYTAJTWONUWIPJTGA3TMMRVGM4TCNRYGMYDGMZZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLHKU2DIYKLN5EVSZDDM5JEU3KTOQ3HE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DMMRTG44TGOJUGEZTANZWGI2TGOJRGY4DGMBTGM4TAMBQKYYTAJTWONUWIPJTGA3TMMRVGM4TCNRYGMYDGMZZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=gU44aKoIYdcgRJmSt6ri&refUrl=&type=zem&vid=46237939413076253916830339000V10&vsid=3076253916830339000V10
Request Chain 367
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3076253916830339000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3076253916830339000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e&cs=1
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c517c859-213d-4ae2-834e-1c2a02286ba3&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524419749888161839&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=a1b328e9-f147-491b-836f-9bdb746f7b7d&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209610804291002756681&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 379
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=73a14bd1-6a49-4cf4-8290-591dcce62202 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-BOn8z3dE2uHr36X3vjWjrskdvV_QUgrrT5j4dGY-~A&gdpr=0&gdpr_consent=
Request Chain 380
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8PU0VI1-22-89WR&gdpr=0
Request Chain 381
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&uid=5401464212225013440
Request Chain 382
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dzeta%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqfWh0dHBzOi8vcHJlYmlkLmEtbW8ubmV0L3NldHVpZD9BPTczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiZiaWRkZXI9emV0YSZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmMzdjZTI2Y2I0MgIGEjgB%26buyeruid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4390%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBME9HSmtOaTFrTURNM0xUTTJNakl0WVRJelpTMWhaV1l6TjJObE1qWmpZalFxZldoMGRIQnpPaTh2Y0hKbFltbGtMbUV0Ylc4dWJtVjBMM05sZEhWcFpEOUJQVGN6WVRFMFltUXhMVFpoTkRrdE5HTm1OQzA0TWprd0xUVTVNV1JqWTJVMk1qSXdNaVppYVdSa1pYSTllbVYwWVNaMWFXUTlkV0V0TkRRd05EaGlaRFl0WkRBek55MHpOakl5TFdFeU0yVXRZV1ZtTXpkalpUSTJZMkkwTWdJR0VqZ0ImYnV5ZXJ1aWQ9%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/0/4390?gdpr=0&gdpr_consent=&us_privacy=&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBME9HSmtOaTFrTURNM0xUTTJNakl0WVRJelpTMWhaV1l6TjJObE1qWmpZalFxZldoMGRIQnpPaTh2Y0hKbFltbGtMbUV0Ylc4dWJtVjBMM05sZEhWcFpEOUJQVGN6WVRFMFltUXhMVFpoTkRrdE5HTm1OQzA0TWprd0xUVTVNV1JqWTJVMk1qSXdNaVppYVdSa1pYSTllbVYwWVNaMWFXUTlkV0V0TkRRd05EaGlaRFl0WkRBek55MHpOakl5TFdFeU0yVXRZV1ZtTXpkalpUSTJZMkkwTWdJR0VqZ0ImYnV5ZXJ1aWQ9&uid=5401464212225013440 HTTP 302
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Yrzd2TSUeygVec3UzVomFT54PBKxUvW1JuDT7g&gdpr=0&gdpr_consent=
Request Chain 383
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=smartadserver&uid=5912640572057858447
Request Chain 384
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D73a14bd1-6a49-4cf4-8290-591dcce62202%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D73a14bd1-6a49-4cf4-8290-591dcce62202%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Request Chain 385
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=index_rtb&uid=YzgksIzwkGH2s7rQXrj5agAA%264758
Request Chain 386
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=sovrn&uid=FaGxDLZHI8kIY0jBSLeFhBZ7
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=appnexus&uid=2072648366779668424
Request Chain 400
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hpAEjV6zzg0WyMzyQSVCLcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=406110106942714353
Request Chain 401
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Yr6RNLOoTYO7Aaa-xyqIcw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Yr6RNLOoTYO7Aaa-xyqIcw
Request Chain 402
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==
Request Chain 403
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&gdpr=0&gdpr_consent=&expires=30
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBMkUKTr5bSaTH2b7bebZY&google_cver=1
Request Chain 405
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8PU0VI1-22-89WR
Request Chain 406
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDY0Y2YwOWYyNzg5NTE1NWY2ZjI1YTdmMWM3ZTQzNWNmMzQ1NmEwMQ
Request Chain 407
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cvjpomNeRyywGcF-p3popQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cvjpomNeRyywGcF-p3popQ
Request Chain 413
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 414
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8PU0VI1-22-89WR&gdpr=0&us_privacy=1YN-
Request Chain 415
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2072648366779668424
Request Chain 416
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FaGxERZH5G4Rz8iZSgm50Jbs
Request Chain 417
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FaGxDLZHQg2R9Nq9RISCckhn
Request Chain 418
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=dd81a6c3-1df1-4e88-a46c-87c04117c7db
Request Chain 419
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=7056126096 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3&google_hm=YzUxN2M4NTktMjEzZC00YWUyLTgzNGUtMWMyYTAyMjg2YmEz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFbkZIUM9xrON573cI9WSoA&google_cver=1&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-399b6623-35a5-47a7-9e2f-fda9227d4571-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Request Chain 420
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1973209965569779417
Request Chain 421
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=f3206ff4-db54-4473-a11d-cc170a0d2c5f
Request Chain 422
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3639%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTQ0MDQ4YmQ2LWQwMzctMzYyMi1hMjNlLWFlZjM3Y2UyNmNiNDICEgY4AQ== HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=7ad4dd01-b844-4b04-a803-83a2bda545b5&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTQ0MDQ4YmQ2LWQwMzctMzYyMi1hMjNlLWFlZjM3Y2UyNmNiNDICEgY4AQ== HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTQ0MDQ4YmQ2LWQwMzctMzYyMi1hMjNlLWFlZjM3Y2UyNmNiNDICEgY4Ag==%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTQ0MDQ4YmQ2LWQwMzctMzYyMi1hMjNlLWFlZjM3Y2UyNmNiNDICEgY4Ag==&buyeruid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/cchain/0/3639?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ua-44048bd6-d037-3622-a23e-aef37ce26cb4 HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 423
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
Request Chain 424
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmMzdjZTI2Y2I0MgIGEjgB%26buyeruid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4425%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBME9HSmtOaTFrTURNM0xUTTJNakl0WVRJelpTMWhaV1l6TjJObE1qWmpZalFxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE5EUXdORGhpWkRZdFpEQXpOeTB6TmpJeUxXRXlNMlV0WVdWbU16ZGpaVEkyWTJJME1nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/0/4425?gdpr=0&gdpr_consent=&us_privacy=&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBME9HSmtOaTFrTURNM0xUTTJNakl0WVRJelpTMWhaV1l6TjJObE1qWmpZalFxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE5EUXdORGhpWkRZdFpEQXpOeTB6TmpJeUxXRXlNMlV0WVdWbU16ZGpaVEkyWTJJME1nSUdFamdCJmJ1eWVydWlkPQ%3D%3D&uid=5401464212225013440 HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmMzdjZTI2Y2I0MgIGEjgB&buyeruid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmMzdjZTI2Y2I0MgIGEjgC HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=1f464d14-05ee-40ea-a166-3b91b9662be6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmMzdjZTI2Y2I0MgIGEjgC HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-44048bd6-d037-3622-a23e-aef37ce26cb4
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
Request Chain 429
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEAEWrcdoBl8MnuhyK5S1I&google_cver=1
Request Chain 433
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
Request Chain 435
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_633824b3df0a1&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_633824b3df0a1
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76ed6338-24b0-4800-bca5-671c290429af
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Request Chain 445
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x9m1skr4q2s HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Request Chain 446
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kxcGQtQEBBSXnUDcsyQ4Yw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 449
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=100209cc1f2c4b7387ee01622b6005ea
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=1317240197 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2758cffc-5454-4779-a5c9-09a00ea249e1&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Request Chain 452
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FYSE5HS21OEAGS5&gdpr=0&gdpr_consent=
Request Chain 453
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5fc2e776-417c-11ed-8ed9-1f1deff20cfe HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Request Chain 454
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 455
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 461
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDhEODVFNURDLTA4RkEtNEZGMC1BMjRCLTg1MDE2QjBGNkU2NBAAGg0Is8ngmQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=71230d1174ee7b3cbccd39b09523df4bb88beede8e34d363a5f688161a89d0ad791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MTIzMGQxMTc0ZWU3YjNjYmNjZDM5YjA5NTIzZGY0YmI4OGJlZWRlOGUzNGQzNjNhNWY2ODgxNjFhODlkMGFkNzkxNDI2YjU0MTdkY2UyMRAAGgwItMngmQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MTIzMGQxMTc0ZWU3YjNjYmNjZDM5YjA5NTIzZGY0YmI4OGJlZWRlOGUzNGQzNjNhNWY2ODgxNjFhODlkMGFkNzkxNDI2YjU0MTdkY2UyMRAAGgwItMngmQYSBAgCEABCAEoA&google_gid=CAESELIVdzBP4Ke9kqqcwIKnjqM&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e0193312-ab58-4b1d-9c17-87147c76a43f
Request Chain 462
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ed6338-24b0-4800-bca5-671c290429af
Request Chain 463
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEQ4NUU1REMtMDhGQS00RkYwLUEyNEItODUwMTZCMEY2RTY0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBozjSKqMhSVECGeGEc5VPY&google_cver=1
Request Chain 465
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 467
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Request Chain 468
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi
Request Chain 469
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2072648366779668424&gdpr=0&gdpr_consent=
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6c560b16-36bc-46be-983e-654602179631&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 471
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZR71t1xE2uXOLhQCOLSnF1GolXtQOrg-~A&gdpr=0&gdpr_consent=
Request Chain 472
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5401464212225013440 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 302
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Request Chain 473
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 474
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2072648366779668424
Request Chain 475
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1798968b8481b22&is_secure=true&networkId=17100&version=1&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJo70hm_7_NAMDUFRTAAAAAAA&expiration=1664710196&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 477
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2072648366779668424
Request Chain 478
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAZXNk7GcEkAAB9PjJRaeA&expiration=1665833396
Request Chain 480
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9043219101811047819
Request Chain 481
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2Z2VGQ2GCS3PJFMWIY3HKJFG2U3UGZZGS HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2Z2VGQ2GCS3PJFMWIY3HKJFG2U3UGZZGS HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=gU44aKoIYdcgRJmSt6ri
Request Chain 482
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
Request Chain 484
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2072648366779668424
Request Chain 486
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8PU0VI1-22-89WR HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8PU0VI1-22-89WR
Request Chain 489
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55
Request Chain 491
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6873485177772978593&gdpr=0&gdpr_consent=
Request Chain 496
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2072648366779668424
Request Chain 497
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_715bfe67-7186-4deb-a640-bcd6732ed31b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6c560b16-36bc-46be-983e-654602179631&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=c517c859-213d-4ae2-834e-1c2a02286ba3
Request Chain 498
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_715bfe67-7186-4deb-a640-bcd6732ed31b&obuid=ENC(ksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Request Chain 499
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=982f916c-44e7-44a2-88bb-216a672ab347
Request Chain 500
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3faf5242-7290-400b-68fb-4b2ccf8c152f$ip$173.245.209.111
Request Chain 501
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-xB2.bghE2pcvNboM7lXJeIuKYfbxU8IioDNH~A
Request Chain 502
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9da30d26-9013-47a7-947b-a84377667183
Request Chain 505
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_715bfe67-7186-4deb-a640-bcd6732ed31b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z2VGQ2GCS3PJFMWIY3HKJFG2U3UGZZGSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z2VGQ2GCS3PJFMWIY3HKJFG2U3UGZZGSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gU44aKoIYdcgRJmSt6ri&us_privacy=1---
Request Chain 506
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=90e3369f-9787-4a86-846e-f09c73e2c0d6
Request Chain 507
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=4871731470 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=c517c859-213d-4ae2-834e-1c2a02286ba3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=c517c859-213d-4ae2-834e-1c2a02286ba3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=994fa61a-1762-4b77-8d61-a867ac0d54bc&user_group=1&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Request Chain 508
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=KZDgWR6Ir1kd&ev=1&pid=558355
Request Chain 509
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6873485177772978593
Request Chain 511
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Request Chain 515
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Request Chain 517
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YzgksMCo8X8AAG-4u3UAAAAA
Request Chain 518
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YzgksIzwkGH2s7rQXrj5agAA%264758
Request Chain 519
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=pxcF2x64uoLiTLWnoEml&pi=gumgum&tc=1
Request Chain 520
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 521
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8PU0VI1-22-89WR HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L8PU0VI1-22-89WR
Request Chain 549
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irqfL7QIwr6zkLf9lViL0RsV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irqfL7QIwr6zkLf9lViL0RsV&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Request Chain 550
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC9w5s-0sy2fpJtW-o8jlG40 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC9w5s-0sy2fpJtW-o8jlG40
Request Chain 551
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P3s78CXICd30TImU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P3s78CXICd30TImU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Request Chain 552
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg_oQYHLRuYnYrqEaexaKswN1NlTyFlSiqAmkraSz69VwiHaykL9qhvverznLPx-e0a3r6q1igt8-tATyrAChh6n4EalGmke1Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 555
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvkJ1XwbDsxkf8hyNRlNFVSoNTzV4MfHO8m4sgucIgCZJdvfVhO9aHd-v4pOKMjyyhQAJVgORLIzrPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvkJ1XwbDsxkf8hyNRlNFVSoNTzV4MfHO8m4sgucIgCZJdvfVhO9aHd-v4pOKMjyyhQAJVgORLIzrPw&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Request Chain 556
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuSmOWHtD-KM3_xQz5cZx-zhLTxpdCn0yGZ_xWFQZPdqnPL8BOvxI1mUCCTK7et5IVLqiXhmf-l3_3Zc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuSmOWHtD-KM3_xQz5cZx-zhLTxpdCn0yGZ_xWFQZPdqnPL8BOvxI1mUCCTK7et5IVLqiXhmf-l3_3Zc
Request Chain 557
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZMFmXLrRjchFnqmI1T9EQx-GDWxCtUfArh_l1HeUjh4jYIkGjjY08AaHNgBGdOrEBagGY6_4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZMFmXLrRjchFnqmI1T9EQx-GDWxCtUfArh_l1HeUjh4jYIkGjjY08AaHNgBGdOrEBagGY6_4&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Request Chain 558
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg_pdqMr_8k7PXWxjRxqUIVzfG2IccSVYuOCo3OkaN5CfzffFKehck3Y360VKDiEVsag3OWgf-aoSxQ6y0auwldVQ73b6YgnDNprWQOsuTecSudTWW-iNhM34jIPIYkTOtRse2ayPs-hPrC2_xERCWtY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 561
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8PU0VI1-22-89WR HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L8PU0VI1-22-89WR
Request Chain 578
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E HTTP 301
  • https://tpc.googlesyndication.com/simgad/562616355818907787
Request Chain 596
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=d896405c1f7f415c89c4e73703743289&cbust=1664623797294631 HTTP 302
  • https://tpsc-ae1.doubleverify.com/event.png?impid=d896405c1f7f415c89c4e73703743289&akipv6=
Request Chain 597
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFL3t308Hrh542-rTWQhbEk&google_cver=1&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn&google_hm=sES_IMV0xdoJtH0wfGOIuw==
Request Chain 598
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAirab7OYiZJVpyUL7UfDaQ&google_cver=1&google_push=AZmPxg_7NJqdnqGLmecyd50ZpbRfXBLX7gv6YRdJcx3wR52NAa5lri9YGZvtDa2VUtB8UjzWvC3P-b1i4bB2gP6orMj87pPcAoXd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_7NJqdnqGLmecyd50ZpbRfXBLX7gv6YRdJcx3wR52NAa5lri9YGZvtDa2VUtB8UjzWvC3P-b1i4bB2gP6orMj87pPcAoXd
Request Chain 599
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfqUJwBLUtihgGNqV1PZio&google_cver=1&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk2NPY3OMppN2ekFY6WztxwzfRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk2NPY3OMppN2ekFY6WztxwzfRI
Request Chain 600
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEDbW_f7tfTsl70LA40CVALo&google_cver=1&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3&google_hm=47fc71f165d9bbd63afc65765d8453b5
Request Chain 602
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=b7ae600d63e34eccba0cd5e33dd099ff&cbust=1664623797349320 HTTP 302
  • https://tpsc-ae1.doubleverify.com/event.png?impid=b7ae600d63e34eccba0cd5e33dd099ff&akipv6=
Request Chain 605
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=a20093f08e8346b6835f5b633657128e&cbust=1664623797399948 HTTP 302
  • https://tpsc-ae1.doubleverify.com/event.png?impid=a20093f08e8346b6835f5b633657128e&akipv6=
Request Chain 606
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=fdb909194d314fb9b3af326207168762&cbust=1664623797404123 HTTP 302
  • https://tpsc-ae1.doubleverify.com/event.png?impid=fdb909194d314fb9b3af326207168762&akipv6=
Request Chain 623
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
Request Chain 625
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 626
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=&ct=y
Request Chain 627
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%2C
Request Chain 630
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
Request Chain 631
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799501365 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799501365 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799501365
Request Chain 632
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
Request Chain 633
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799506539 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799506539 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799506539

637 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
www.bg3.co/a/ 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
27cced65a36d20cb899ce5a31c1177c0da15fbfdac2f875233bcfd34776a1457

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 01 Oct 2022 11:29:43 GMT
ETag
"dd6f-hszLsWoNODiUBgpm5LE6DBNpJqY"
Expires
Sat, 01 Oct 2022 12:29:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72501
x-xss-protection
0
server
sffe
etag
"b0a9bc3cc165f0cd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:44 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"b2cba6000b3c8a65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:44 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7571
x-xss-protection
0
server
sffe
etag
"87d590c66fd5781f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:44 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31967
x-xss-protection
0
server
sffe
etag
"dfda97fe2a1b5ffc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:44 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:45 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8VF74KQ%2Fbbp0TcULsctSsNC1K2nEIbB4CMi5Rzg1SAJjNSw%2FfX7Sm8i3jkRWGrBWk%2F3sllBiWdp8KdZQvA%2FCsjWFz5%2FkmxPc9rpOhPlsV7narHkoExts1AO4unUYRcE2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7534dcc2e8b5a89e-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
br
last-modified
Sat, 01 Oct 2022 06:00:44 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
x-cf-geodata
AU
content-length
9571
expires
Sat, 01 Oct 2022 12:29:45 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c0eef3f02520787922a61b1cf8b5144068461152c524d4f1a34531df210d3987

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
br
last-modified
Fri, 30 Sep 2022 18:03:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=18
x-cf-geodata
AU
content-length
105270
expires
Sat, 01 Oct 2022 12:29:45 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1664623785.dop208.sj3.t,1664623785.cds215.sj3.hn,1664623785.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
9a42b9ccabeeab6305aadcf81cdbdcbf.jpg
static.bg3.co/imgs/202106/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9a42b9ccabeeab6305aadcf81cdbdcbf.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a213b4c50cc8726cf59286f0c62929335cadb63f22eba1336362bcace532d74

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 03:41:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9A42B9CCABEEAB6305AADCF81CDBDCBF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmOxMFJ1XYjUEpys2Zutb1cQvHgahTswHmtqtvZR39dYO34qxftQz5BoJEVboMtA7ObwAMg%2F0feBQqdQGHl2Oui9cDu2CS%2Fqo3g5V8uFKy3zW8RZWcsbRRST%2FQKzoEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf8aa961-SYD
content-length
69758
expires
Sat, 08 Oct 2022 11:29:46 GMT
385da726ec6b83bc0d52ecae8ccc6088.jpg
static.bg3.co/imgs/202106/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/385da726ec6b83bc0d52ecae8ccc6088.jpg?w=800&h=577&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7149cdc8f8106ee38eba6bdf744e4e861973d7320ccf789e6844f9564dee375f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 00:49:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"385DA726EC6B83BC0D52ECAE8CCC6088"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky2%2BvcIgMP2aqX1%2FNSDf7W2ajLJ3tKmMzTWFNvly10UGLum6Ptkx4fzjIMDJE9mvPnIW9OMAC1xAzpFMeOwDFUvTqwItYdDXGc%2B%2B%2F%2FdRTITwhQdMX%2B5BQkl1y2sv3QI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf8ba961-SYD
content-length
126058
expires
Sat, 08 Oct 2022 11:29:46 GMT
083de32aa183b45965cf0883d9229ee4.jpg
static.bg3.co/imgs/202106/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/083de32aa183b45965cf0883d9229ee4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43a9f13209c31f8144a0001a7246a7900addbbde94931a8cf226607c172bdf4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 02:59:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"083DE32AA183B45965CF0883D9229EE4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itXBxWtMUQ0o7JFLYhDt0GL%2F%2FeROX1vnGaChinuvXQvfFG3g4zK8M6q6QLMcRY80QkqCe2MuL4SzuXGrHKwGkLLgjDcP5gjrwZoDyAxbgJah63NWNtWevVHZmu7hHiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf8fa961-SYD
content-length
8636
expires
Sat, 08 Oct 2022 11:29:46 GMT
30cad3fe29962d3fb1532b784cb5b81a.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/30cad3fe29962d3fb1532b784cb5b81a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2520562822e2185a43e3f762ecaff923a12cbe74e242c9e044edcf45a93b25d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 20:57:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30CAD3FE29962D3FB1532B784CB5B81A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLXtoNzUlf7onuP5pHj%2BirMtsSvhh1CuM8cuDmMLXDUKxpXNePess%2FYpJ%2BKUCskSmzANflETGTVgVYvjXrAHCCuZ393sM%2BDqNokvBTELduYjVZLtZUbw0yeFU0m5cZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf8da961-SYD
content-length
7673
expires
Sat, 08 Oct 2022 11:29:46 GMT
24f4aa8cf8d1ac5dd8af4693c42867a8.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/24f4aa8cf8d1ac5dd8af4693c42867a8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28e123f7f7d07714e7a28414bea9428b46e519167a39e735d445b51c1499d45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 20:30:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24F4AA8CF8D1AC5DD8AF4693C42867A8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZj1YBQaSilvig09ygiABtspBGYgxOSqSwlM8%2B%2B%2Bnqlj6lmDHN3g6WOK5Du8vRwOw3tjvy7H0bTmojoStp%2BBDPnANwaJlW6WCFIBAcM8LhMAx%2Bkc4K921DTuTLWGPQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5682da961-SYD
content-length
7106
expires
Sat, 08 Oct 2022 11:29:46 GMT
4c6b51cc11d536bba51c2100400f59d1.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4c6b51cc11d536bba51c2100400f59d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ea98b4e76498e7001c9b66d100f0131797cd456bdaff0c8383e5b360a66dc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 22:43:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4C6B51CC11D536BBA51C2100400F59D1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4A3zcUCoV2sb%2F6Uz5NBgIyWIJMDY9mpYIMaxJqW6BWwi1OB2NzAjd25qBbIMuw50RB7LGwew4Sdp4zXqfIVY8jtO3Y4RNFwwXuf9wy%2BM95V1FwTsINv%2FMWx4UHR%2Bvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5682ba961-SYD
content-length
6910
expires
Sat, 08 Oct 2022 11:29:46 GMT
1de286bf5758004a423c535959102b63.jpg
static.bg3.co/imgs/202205/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/1de286bf5758004a423c535959102b63.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f00322f86491d3b13755fd4ca62ad36c5810604350d4f78ab872d68bff003af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sat, 14 May 2022 07:05:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1DE286BF5758004A423C535959102B63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EL3QcRJgb4dVvD5vgzy%2B9K%2FyBCXlvRhv5WC7zwLNWBlc6WeAM5Ap%2B9i8ay1L97%2Bwc9PjtKd3uXJMC%2BRt2zhQ1eeUoSHOmrO%2BiCrBeaftmrcXJ2XccWRqRnd5V9zUpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf87a961-SYD
content-length
4847
expires
Sat, 08 Oct 2022 11:29:46 GMT
9c84e0f169231269df5e43b5f3fab8a6.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9c84e0f169231269df5e43b5f3fab8a6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abc20494d311ee34ff13a7a4c20fe9511386380de1fbd9de716ac693b193cd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 22:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9C84E0F169231269DF5E43B5F3FAB8A6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWWTPdN72Xvgy3jWEDzS4%2B80DPBvavOIDCWy9HlEBN3xVmNr1GiksIab6bE39CMV%2FojG0eZTQ%2BnHwPYvHaZSBXAdxX8FMuZ8a5pr%2F5vuRrvfZBxTPWoM8%2BXB7jWFfoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf85a961-SYD
content-length
10049
expires
Sat, 08 Oct 2022 11:29:46 GMT
9de790323e35e75e045d2ae7153590f6.jpg
static.bg3.co/imgs/202205/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/9de790323e35e75e045d2ae7153590f6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22c559724a407a86ab63ed23f0bb36d44d617ac68ba0bebae9f77e8b37c37e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9DE790323E35E75E045D2AE7153590F6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6l8HkpwOYCw2w9w0VJnoCDWb4kOBNG3%2FaCplY3QQBgRbJDLCNX%2B0MO0vmooaYlsgOyQDa4g%2FbQy6NlEGP4IiY3vKCeuUxo%2F%2FrGY3sDXyOLq3D5N0B8VPxL5J7CV2iY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf88a961-SYD
content-length
5423
expires
Sat, 08 Oct 2022 11:29:46 GMT
14987df41ad25afbb1ffb9c9fc3209cb.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/14987df41ad25afbb1ffb9c9fc3209cb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54d37a1b4fc9a81078e43fc2d0a9a7adf95c5a2cb8960716049399b28453b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 15:01:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14987DF41AD25AFBB1FFB9C9FC3209CB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ataKQCb2VexbK8rjkai%2FaS3V%2B4kknJVSmZB03EvH6pprc%2BrVdnP1TVD9DlxVpaFx3pELIzsvx0clAHNJyrl%2Bmf0cvuZVCwYa8Xi64jEeFfvQ84Mu3kb7bvJF8J42AaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc4cf86a961-SYD
content-length
5569
expires
Sat, 08 Oct 2022 11:29:46 GMT
e535bca1c824b0d274b8ea5dabe8af0e.jpg
static.bg3.co/imgs/202106/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e535bca1c824b0d274b8ea5dabe8af0e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ece208276d94708f20cbfa92fd3edfa3e425e88352ccfd168a6cc25952c2ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 00:49:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E535BCA1C824B0D274B8EA5DABE8AF0E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSriZ6Qv8j0QrNxXg9T550JbB2RqqR6dFT%2FBZ%2FlCfTh%2F85fhR9Y%2B3R6lSkCuH23DvTJ5N0oriQmUPtXsIgoaNzRPxuR3M0%2FyVlRKU4SeL9mERs5oy2s28OOnv9oZpfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5682fa961-SYD
content-length
39050
expires
Sat, 08 Oct 2022 11:29:46 GMT
6470d3418ea3ac73ca99529277835537.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6470d3418ea3ac73ca99529277835537.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb7ee4cc5c564875b3dce6bed1c6e0581089f58d19850152004fc94c6430def

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 16:15:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6470D3418EA3AC73CA99529277835537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yaps5UHzrejhWtfl99%2FP4%2FMd6T%2FioBAjoTvQGhyCaOzURMOt4zimajMSZUF%2Fqqw5aUQnVE%2FZPieAdnr%2B1M5e2NVX4j9gKuC0AXdLqd%2FAD70Mhp7P65%2BCOlhghUxVONs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56831a961-SYD
content-length
3083
expires
Sat, 08 Oct 2022 11:29:46 GMT
1da1d32bb4741197e6cc02e2e978c9e2.jpg
static.bg3.co/imgs/202110/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/1da1d32bb4741197e6cc02e2e978c9e2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a61e335ab8e4e993b7fafd831c9f31249d80b8fb5c9cb135e4e08c8233749bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Oct 2021 17:01:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1DA1D32BB4741197E6CC02E2E978C9E2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDtZDCqWhaYebmauAaat8UizqKEm7d8HlJtrIUcuy77bdl8kkljFB6qSLJtuVfs5U8TY26gw6R3CCd9TBpsSF5HIR88UFS76i6CKYBuoaqv9DbfpfJMvwIYqiT6Jf8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56832a961-SYD
content-length
4752
expires
Sat, 08 Oct 2022 11:29:46 GMT
f358b4daf4b5a649c4c019d8d19c602b.jpg
static.bg3.co/imgs/202204/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/f358b4daf4b5a649c4c019d8d19c602b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33320ac5c063e9fdb04f901ea7a049315eec40d0b660cac38ed383cfda422df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Apr 2022 09:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F358B4DAF4B5A649C4C019D8D19C602B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXYtw30iBhQjlrIwA9jV07JAYtuq8gRjH%2BCWXe7B4xfghyqKAwbiSHyTZH9Kh4PI8M%2F%2FBQP4mTWt43OenlS18qfuwwQdnjIJ5Qk7%2BJeP2jdO6GUoQMgZgGXCYuSJ4ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56833a961-SYD
content-length
6070
expires
Sat, 08 Oct 2022 11:29:46 GMT
0afe44e672e1007d6a02406c906eb298.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0afe44e672e1007d6a02406c906eb298.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7859177bc7463ff66f115b0139f4397b08c6fd66fc7f7aaa063dd6312414ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 13:40:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0AFE44E672E1007D6A02406C906EB298"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo3rfBhx%2B8i8yAePM4CtnIsYOVQaZ74rwWgF0%2FeAa%2Blz2o9wCONXaHYJT1wM2RjDm99g9SqaZdTMk%2B1q6uAdNJl8nqNPz02f7mUIdaavihhEPbFL9q3t1Tet0SjTFvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56834a961-SYD
content-length
7078
expires
Sat, 08 Oct 2022 11:29:46 GMT
8d2ebf60095857e3f3dbc3318137d23a.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8d2ebf60095857e3f3dbc3318137d23a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ba4097debb6ffd4d50f791287e8293d698a3708ff6ce5b9dd0ef189441a495

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 21:28:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8D2EBF60095857E3F3DBC3318137D23A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrZO71%2Bnhrdp5cmxE9fbMEUiaC8gj0UudBq6yBx6TBLQE2Ztg5FzezJbuI2YqQXuwVSAUidKYsTm6vRB8fS55MBvyXa2I87im2JTTLBfiHnY%2B%2FaHoYLAGMkw22jRh1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56835a961-SYD
content-length
6564
expires
Sat, 08 Oct 2022 11:29:46 GMT
46a094c12a398ba5f7ed761290859554.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/46a094c12a398ba5f7ed761290859554.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f4941af6306aefae71e8b5312539f2451cfda9ca54aad8b6e77be9e3425c28

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 10:30:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"46A094C12A398BA5F7ED761290859554"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00CWHwnha0I2L8ZRHvpUoIAsVHZt6G%2Ba98JMSk2y0KwMpWN0pTqogAIMh1mOJX0bkPT36lW8B4%2BKweU59h2Jl4FNbvuom9MMSCOado0IWLJ5cwxQY%2Bljr32rMJCXFWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56836a961-SYD
content-length
8443
expires
Sat, 08 Oct 2022 11:29:46 GMT
03977bccd57186dd5b7f0bd552623d97.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b9dba27157f5c56ac539bad88dac0b11f98bcff4e40bc0c6b24dc5a59ade35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 03:41:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"03977BCCD57186DD5B7F0BD552623D97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckFxlYdAYU7FZFgdTbAzrSNgv7GBZhEErPHjtC0O5LuJpP1xk%2BCpW8DXBYx9dlUJSKYjQENelt7hYlsG5elhYv265O2tdbcOuAr%2BR262pBkSlTNOhUKQUpG6vWggJBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56838a961-SYD
content-length
8705
expires
Sat, 08 Oct 2022 11:29:46 GMT
32003cd960d0b62e9afbfa63ab6d54e8.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/32003cd960d0b62e9afbfa63ab6d54e8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57693f6e885b217c09e19455abe482cd4d46355ac3c7804f4f3007b75dc6de62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 19:38:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32003CD960D0B62E9AFBFA63AB6D54E8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwuxeHdDgFx1odehEG8UTuvfK9XRfmymteMg2cXMpLfB%2FOhxIt0kas7%2FUYqUCLkGSje8os5qB378B45nN1%2BWjh7Feutt3FFAYo4mAV8T9LrOKcwBhvIOptYcSKe8Mfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc56839a961-SYD
content-length
9202
expires
Sat, 08 Oct 2022 11:29:46 GMT
6028d124f5e342a5b7681a75566403ea.jpg
static.bg3.co/imgs/202106/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6028d124f5e342a5b7681a75566403ea.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1018f938e0fb55712dfaf088b1295c23bfb178fdb7d7f516d8ae85d9cc00be81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 08:25:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6028D124F5E342A5B7681A75566403EA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn5Ma0nCy36wA5PI6NlzM8cgZ%2Ftc1RMxLGoTJb8Ua9ulVfmgpdOpI2pPl%2FcVM0h%2Bcb%2FDtJzizBb%2Fi24DOFiXCfwZhkhUQkw04B%2F6HzrkEDfrUSJilZYLz0w88JHBH8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5683aa961-SYD
content-length
35728
expires
Sat, 08 Oct 2022 11:29:46 GMT
a82c2180dd93d2498c73186fa8423da5.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a82c2180dd93d2498c73186fa8423da5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1c88379825dfb7f382dd516b19d289336c7bde5dc0531baf7d3b85049a39f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 14:20:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A82C2180DD93D2498C73186FA8423DA5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saz1G6N5wnY6nxKLina06mrN9wFCjfEYTPv1ZAAIIODNHBAV6IbWjocVdu5iYyk6cArcOgcsrq2%2BSpwcAKSHpqe3ztKk3KCTYG5xfEhdmfjdCFOW5lEowxTO2qqLwBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5683ba961-SYD
content-length
7039
expires
Sat, 08 Oct 2022 11:29:46 GMT
2510154c978ec2f61209558583f26311.jpg
static.bg3.co/imgs/202106/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2510154c978ec2f61209558583f26311.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6132ba6965ed044c97dd0d0a99da4f3174cc6fa8ffc693bf420cf16e655415b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Jun 2021 02:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2510154C978EC2F61209558583F26311"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sATJBfIT1eNQf6VygMx7jXGq33zw4n2MyIKPej36VeEGhmJ3Ilbw3GQTxspFNB8VW0cf3OI64Cu4ZvR2F0ccEvw5WCeYx0FlNtPV6o5MZMQE88CHyLJEMAUbw%2FXqmg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5683ca961-SYD
content-length
4554
expires
Sat, 08 Oct 2022 11:29:46 GMT
779b692f2d36a52a8a1d47215e65890e.jpg
static.bg3.co/imgs/202105/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/779b692f2d36a52a8a1d47215e65890e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7dda865117dfc8f7ed06feab6dfccc844b98a6cf8a7d889cadc444072a93b57

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 15:02:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"779B692F2D36A52A8A1D47215E65890E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIZvTjHpWjv1ywA0k3cf9YI4ahsUmMr%2BfUSkH8JEbr0XuS%2BVyvOnP2t7IAXVMr6DK7k4sXcn3rgMdr%2FI0ZB8Tv0%2B4crXXS7xrOnvmjjt5Y1FXsHjYpk2wcT%2FKV9Sh1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7534dcc5683fa961-SYD
content-length
11739
expires
Sat, 08 Oct 2022 11:29:46 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:41 GMT
age
43984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
etag
"ac16e77745c88a40"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:41 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		81 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 02:18:12 GMT
age
119493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23032
x-xss-protection
0
server
sffe
etag
"17406dee48d4bcdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 02:18:12 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
bd268d75b1713c916d922c2b680c1abc348afeb111991f07817c635c3e48bda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:17:20 GMT
age
43945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
server
sffe
etag
"02cbbdb857ad171c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:17:20 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6287
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfGX7U%2BCapqkeV%2FeB380%2Bt3U92BDU9oF4%2FqAssMCpA2CVuuJnD8BJkWWAqqStkGdQUX2Y5EWqNHnWB9BLlrXgrGRvSHiFXHyl%2F9sV51Ew%2BikFWkozej3nxhO0wzkpT0ufA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7534dcc429d6a89e-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
1d83c22da20bdaa17b94ab5767226765854735d420b79bae95c6b8ae8fd2ded3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:46 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
1d83c22da20bdaa17b94ab5767226765854735d420b79bae95c6b8ae8fd2ded3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:46 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8468327141626857&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:46 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7088817817436626&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:46 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:45 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1664623785.dop208.sj3.t,1664623785.cds215.sj3.hn,1664623785.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 02:18:12 GMT
age
119494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10253
x-xss-protection
0
server
sffe
etag
"76108468fe259c2d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 02:18:12 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:22:44 GMT
age
43622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57872
x-xss-protection
0
server
sffe
etag
"9dc55ff1bd63fdb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:22:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 80EF 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
91f65381a2e3931a336f89ff44478d5ecf92e49d1e8d4f5c12f95bf47037a88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33944
x-xss-protection
0
server
cafe
etag
15594458426247764377
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:46 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0282 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1b34bac0826242e279bb70b2fc252994383f2f21bfb390b547316e8db4d12b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38079
x-xss-protection
0
server
cafe
etag
10719386961759404920
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:46 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664623786345
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:46 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Sat, 01 Oct 2022 12:29:46 GMT
gtag.json
cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:23 GMT
age
44003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"4d194710e2f2f90c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:23 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
94168
expires
Sun, 01 Oct 2023 11:29:47 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
content-length
317
expires
Sun, 01 Oct 2023 11:29:47 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
17440
expires
Sat, 01 Oct 2022 12:29:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1350 / 196 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 11:29:47 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:09 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 99AD 		714 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7534dccaff2da835-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 11:29:46 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSFh6td0qpDxyXLtbytBYjCGBWI09PLu46XzrrIS5768kfOlwuqkfURJle0CfoCPV9nuexWeZjcu6UlyAlzOQ9eHiq4KE28pYygopUqJkp0eOb9KDVq7QDvxet2mPceniQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:46 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-22584574612209393543.ampproject.net/2209142312000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-22584574612209393543.ampproject.net/2209142312000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ2MjM3ODY2ODQsInBhY2tldElkIjoiMDAwMEE3MDEtNTc5NDFmNTctZmI3Ni00OGI5LTg0ZTEtYmY3NDFlZDBkMDNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpYW5nLW5pLWRhaS1wdS1uYW4tc2hlbi1qaS1sYW8tMTNzdWkta2UtbmVuZy15dWFuLXlpbi1wdS1ndWFuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3948.0999999046326
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQ2MjM3ODY2ODQsInBhY2tldElkIjoiMDAwMEE3MDEtNTc5NDFmNTctZmI3Ni00OGI5LTg0ZTEtYmY3NDFlZDBkMDNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpYW5nLW5pLWRhaS1wdS1uYW4tc2hlbi1qaS1sYW8tMTNzdWkta2UtbmVuZy15dWFuLXlpbi1wdS1ndWFuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=3948.7999999523163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ2MjM3ODY2ODQsInBhY2tldElkIjoiMDAwMEE3MDEtNTc5NDFmNTctZmI3Ni00OGI5LTg0ZTEtYmY3NDFlZDBkMDNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpYW5nLW5pLWRhaS1wdS1uYW4tc2hlbi1qaS1sYW8tMTNzdWkta2UtbmVuZy15dWFuLXlpbi1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=3949.1999999284744
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ2MjM3ODY2OTQsInBhY2tldElkIjoiMDAwMEE3MDEtNTc5NDFmNTctZmI3Ni00OGI5LTg0ZTEtYmY3NDFlZDBkMDNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpYW5nLW5pLWRhaS1wdS1uYW4tc2hlbi1qaS1sYW8tMTNzdWkta2UtbmVuZy15dWFuLXlpbi1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=3958.1999999284744
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQ2MjM3ODY2OTYsInBhY2tldElkIjoiMDAwMEE3MDEtNTc5NDFmNTctZmI3Ni00OGI5LTg0ZTEtYmY3NDFlZDBkMDNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpYW5nLW5pLWRhaS1wdS1uYW4tc2hlbi1qaS1sYW8tMTNzdWkta2UtbmVuZy15dWFuLXlpbi1wdS1ndWFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=3960.5999999046326
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:09 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 9CCB 		714 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7534dccb5fbfa835-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 11:29:46 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of4%2BZuRideJ1f8ka1Z%2BhtYcVjC1JT1c6Eg%2F7QZ7iOtNcWAvOzXsT38Ucdz%2BUgmAohA88BzlC0hm7ZTATh6Vr1ErRnv6n59PQaO%2F9xAgOH3En4Yn1%2BZEMBu4wvpycun%2FVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 99AD 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
bd88e1a1cd41009382185ba0f0ae4665b76babc366721247d240c6319813edcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27695
x-xss-protection
0
server
sffe
etag
"1350 / 529 of 1000 / last-modified: 1664575578"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 11:29:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9CCB 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27689
x-xss-protection
0
server
sffe
etag
"1350 / 133 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Oct 2022 11:29:47 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame 80EF 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
fac37ff48ab0104b1ba7f65c02788c4228f1a7c59a20ac51288aee22fdb54787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125661
x-xss-protection
0
server
cafe
etag
18185080988914878211
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:47 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ Frame 0282 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
7f4e74aed850dea303e67ee0acdd4227477000d36391736273d4bb5db9acd251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125814
x-xss-protection
0
server
cafe
etag
15095926011471111078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:47 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%BC%B7%E5%B0%BC%E6%88%B4%E6%99%AE%E7%94%B7%E7%A5%9E%E3%80%8C%E6%BF%80%E8%80%8113%E6%AD%B2%E3%80%8D%E3%80%80%E5%8F%AF%E8%83%BD%E5%8E%9F%E5%9B%A0%E6%9B%9D%E5%85%89%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-lfEJphMrir-y-H01hMFB_A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2946116057332129&gjid=0.9350850371789823&_r=1&a=1285&z=0.9414952197395772&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CB25 		38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
4ddad28860124e8c7f53ec0a14b1b67f9e9fd9fa8c7e083ba457d180409b45cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9979
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:48 GMT
expires
Sat, 01 Oct 2022 11:29:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:41:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 01 Oct 2022 11:29:47 GMT
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/ Frame 9CCB 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:41:49 GMT
pubads_impl_2022092801.js
securepubads.g.doubleclick.net/gpt/ Frame 99AD 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 11:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130694
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Sep 2023 11:39:14 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Oct 2022 11:29:48 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221001
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30519
x-jsd-version
1.0.1479
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4541-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-Do8HjAt3pxrrXCdwF7oD/629uEM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxdb6v03oGdtpwy52p8S9n582Jri%2F%2BHEeAZCTfBgF0a1pE%2F0BKqgJJRMwMCM0SFIpPNyFQPthUPN%2F7VAEgJ1aVuodQPjwKblsPlZSC9HPosoiHAh5x8mWNv18mqjak0tyC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7534dcd24e1ba8be-SYD
prebid
ib.adnxs.com/ut/v3/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
835ef3e017fafb96a3e030ddf85ddd00483d3096922bc0334a36ecba61e2c53e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 Oct 2022 11:29:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c4b39bd8-cb42-4015-b181-7c02b9cd7d6c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=89084852193
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 11:29:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.235.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-235-65.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
8
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		486 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0524b5a3077167374dab3f78edfcef847c640882135ed6676147871d132d08c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
235
content-length
261
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=890d62d2-c6a6-4d80-a3e1-ac8c24627c91%2C899564b9-337e-423e-b5a2-fb166b1fd506%2Ca079dde5-c840-4852-8f2b-b3c49dfa9313&nocache=1664623787649&pubcid=bcbe0a45-c575-4303-b516-f96fcb5d81fc&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
00168dcc69e00fc1df0371bbb8114642cfa24e45813524b20da3f8cac9a7b040

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bfa6643b-dd4b-4276-893d-a82f74270a0f&nocache=1664623787649&pubcid=bcbe0a45-c575-4303-b516-f96fcb5d81fc&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:47 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cb444ba1-66e0-4251-9444-11231de4962c&nocache=1664623787650&pubcid=bcbe0a45-c575-4303-b516-f96fcb5d81fc&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:47 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5fdffcb9-a6e0-4ab2-9e73-249808255d1d&nocache=1664623787650&pubcid=bcbe0a45-c575-4303-b516-f96fcb5d81fc&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22343e85711902347%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241b8b9b85eec4f1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2244c6e984df76097%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2245092e304d3106c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bcbe0a45-c575-4303-b516-f96fcb5d81fc%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7b95cc48a195f83a9400096043ea50a9e655d706701a9fd76ec58bdf06eb75

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atRDZzChxCZ34NwqT%2FjyqxRRYONMh6z4liIGyt7M86P%2FGpKQYTG3%2FRfGi1tVjnbTJGtqtIAcrV%2F75V%2BeY%2B3O%2BK%2FU8A6RQq4RYOnvoCwkvhaSHPxI4omobsy8XTwZlwqFpJoEEObr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7534dcd27be3aaff-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22343e85711902347%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2244c6e984df76097%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2245092e304d3106c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22bcbe0a45-c575-4303-b516-f96fcb5d81fc%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7b95cc48a195f83a9400096043ea50a9e655d706701a9fd76ec58bdf06eb75

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpPbuItGEaENEmKEje6ODENQgw%2F9Y5e9HDtnsv2RPwzLW0GtsP76fwGAgcFA6eJ6YvA5P12MQei31HiH2Xcx9Fx5EhcD02RUcT4HNO6ruzrnTbApOScklfZk7tDO1ZpoihQDkTQf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7534dcd27be5aaff-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.222.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-222-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7910995fe66bbbc80af099fa2dd67f65d522840829671238ea2786346c05d84c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.222.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-222-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2248f95c537cd8360d5e9788a9df7b4cb74f79ffc4a1e840034acfca461dc58

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.222.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-222-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cea81b8648d319c75d62661bfef39912a4c7fc891045b5d1426bdbf94c99c9ba

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=bcbe0a45-c575-4303-b516-f96fcb5d81fc%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=0b2dbf1b-9ab8-4e6b-8511-fff6f4a3dab7%3B30cb09fd-a580-45ef-8034-6c7e24651da2%3B9cddfccd-2ca8-4ce8-bc9c-6eb6e9f4fed3&l_pb_bid_id=47bf4df46f002d9%3B48f518b5976d905%3B49e5cfd75f35676&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.23829650149297588
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d4e3c54c5ac26bef3bda87a9571e08ff3d7e32f0499ad698e61b9f85fe262605

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:48 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bg3.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.221.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-221-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 01 Oct 2022 11:29:48 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.111.127 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
127.111.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b6e85d7e4185e55b31c1b1e8fdbd03d7eefbc2a71efb773a4f19692baf91de00

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 Oct 2022 11:29:48 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
af9589c20e3f1b1175d81be3245a0615b694ab8d0e45ef15a2872f8379600db1

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
513
alt-svc
clear
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.101.6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-101-6.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 80EF 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
7e2ef08179686d02e267a482231d04074dd2df1d11abbb22b085a5a9a9973efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 80EF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 80EF 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 478C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664623787&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
713
content-length
673
content-type
text/html
date
Sat, 01 Oct 2022 11:17:56 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-amz-cf-id
Dz8SbNR0W4IddTF8RQ5AJJVcdwE5q_4iFMdQx5EGz8yLRSI_KZx2tg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:48 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0282 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069962%2C42531706%2C31070009
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0282 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
ccbae705aa2242b513627bb80ab6c5932caad5482e38a056cf633311eb9b2069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 0282 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0282 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 71E3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664623787&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
713
content-length
673
content-type
text/html
date
Sat, 01 Oct 2022 11:17:56 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-amz-cf-id
2uTZ_qt5xUVP83ACfzJVgslkkZGHmCx-2fyEOVjifGAz_jxSBhMq-A==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:48 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 9CCB 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9CCB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9CCB 		499 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3970019963835365&correlator=1621802631894801&eid=31068921&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664623788043&lmt=1644386353&dlt=1664623786837&idt=1187&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=szw64qfmjesp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1481240943.1664623788&ga_sid=1664623788&ga_hid=1468122026&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a6c58614e73d738dba666a259861dbba24249fd22951ef20a746e7ff1fec61be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD5C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:48 GMT
expires
Sun, 01 Oct 2023 11:29:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 99AD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 99AD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 99AD 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1477091843568708&correlator=1663391000725292&eid=31068500%2C31070024%2C31070083&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664623788081&lmt=1644386353&dlt=1664623786772&idt=1286&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=p1tm76es6row&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=960628179.1664623788&ga_sid=1664623788&ga_hid=397379571&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
470a967605af93705852871bcaca3190beb24b40dc6f3ef9e50357435cd5d81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 77FE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:48 GMT
expires
Sun, 01 Oct 2023 11:29:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:00:14 GMT
via
1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1775
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
XVbvbTE65VQ5lDYqRRX0wXL_9rdYgi3LH_EsDkykjfK9kMrm6ILFVg==
amp4ads-v0.js
cdn.ampproject.org/ Frame CB25 		261 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-v0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
e1cf5dde896e99f9fed685c4bedbeb9ef7263b2152cfebcb401a60c0e27ea9de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69322
x-xss-protection
0
server
sffe
etag
"3f5c4d91016ed76a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:48 GMT
css
fonts.googleapis.com/ Frame CB25 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 11:21:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Oct 2022 11:29:48 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/v0/ Frame CB25 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
fad6ef782cd3a0830d5705844a62753cad43e938dfc153f12264587de37686f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6621
x-xss-protection
0
server
sffe
etag
"c0c3311f76902f53"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:48 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame CB25 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31967
x-xss-protection
0
server
sffe
etag
"dfda97fe2a1b5ffc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:48 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ Frame CB25 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b626e525becd9c321151bee2d4e9e70fcf7873f4418c3fcf92359fddf0cf51fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14973
x-xss-protection
0
server
sffe
etag
"0c6fa01c90d735ce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ Frame CB25 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3c4cdd0ae679d1389631a6dcb08d6d5535a760c0307a51dee25b34bf06680607
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2519
x-xss-protection
0
server
sffe
etag
"803ac2f605edc426"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 01 Oct 2022 11:29:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9CCB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
41d70e3564216fc00ecdf7764e6eb5d71c2c22ed86a912a77ee91c0930e38c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11185
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2MDE5NTBfMTY2NDYyMzc4ODY3NyIsInVzZXJJZCI6Ijg1NzAzMF8xNjY0NjIzNzg4Njc3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNjc2MjcyXzE2NjQ2MjM3ODg2NzciLCJwYWdlUGF0aCI6IiUyRmElMkZxaWFuZy1uaS1kYWktcHUtbmFuLXNoZW4tamktbGFvLTEzc3VpLWtlLW5lbmcteXVhbi15aW4tcHUtZ3VhbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZxaWFuZy1uaS1kYWktcHUtbmFuLXNoZW4tamktbGFvLTEzc3VpLWtlLW5lbmcteXVhbi15aW4tcHUtZ3VhbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjQ2MjM3ODg2Nzd9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcWlhbmctbmktZGFpLXB1LW5hbi1zaGVuLWppLWxhby0xM3N1aS1rZS1uZW5nLXl1YW4teWluLXB1LWd1YW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcWlhbmctbmktZGFpLXB1LW5hbi1zaGVuLWppLWxhby0xM3N1aS1rZS1uZW5nLXl1YW4teWluLXB1LWd1YW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=27, origin; dur=217
content-length
555
expires
Sat, 01 Oct 2022 12:29:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 99AD 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
eec9eeb81e84c0a674b5ffe7169608730f273b4575744066c382ecfeb242ca87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11286
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9CCB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:49 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 71E3 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
4bcb5c7672cd5053446fc242301e36a23898d0d5769f8d0798a04f92e71775bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
server
cafe
etag
6418396260039476631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:48 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 478C 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
80c1ec4610c6aa9a75f0d1b695d02f8c6df3fa4408f22650f00631840e4ed4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38073
x-xss-protection
0
server
cafe
etag
4571146621490330303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:48 GMT
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1232589800;fpan=1;fpa=P0-345706084-1664623788885;pbc=bcbe0a45-c575-4303-b516-f96fcb5d81fc;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664623788884;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-86.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:38:02 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P1
age
3108
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
yXi14uRs255vHwErA3L4fxsRC3bt3PG6ffHRKs_RXbapXTnGwwyw2w==
pixel;r=1605386244;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb0920...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1605386244;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-345706084-1664623788885;pbc=bcbe0a45-c575-4303-b516-f96fcb5d81fc;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664623788887;tzo=0;ogl=;ses=5d1756e4-500d-4db8-a2ff-5d84e5c469ec
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 99AD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:49 GMT
truncated
/ Frame CB25 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CB25 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b019fcc39df5749553d1a50d8a582587cd5a9d8885729de26e56d296308c9509

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame CB25 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 05:13:47 GMT
x-content-type-options
nosniff
age
195362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 05:13:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CB25
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 01 Oct 2022 11:29:49 GMT

Redirect headers

date
Sat, 01 Oct 2022 11:29:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ Frame 71E3 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
05ffca47ecfa965ea69ff5b6b123560d8be63da162be40310b6199c26a6ea3d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125655
x-xss-protection
0
server
cafe
etag
9109672573331505559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB25 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmWFPqyQ4Y_nAN-SNpt8P7P-WsA6nsv6fa7PCqumqEOL83qe3GxABIM_m1XtgpYCAgJABoAG63Y32AsgBAagDAaoErgJP0JsMrufm_9B-sqL0P_X8q2UqV9mdVIvtbLfCBIoWsMpHCfPUEjSO4hXizyyYbP6o9iqex7XIAUo_LlCR2CQTT8etzz1biCLIdzUMaB67t9KkFYAWScKESmONgkiUs4LU3ZoOsVABemojoNbycZTLFKJN1s260NqpchrVXBOWmefc5eyVWch3KKKjhsEnnVgnl1T4YRrPDUTGxp4HsiL8gS1HVoL9qT3QcFlolxKPcqIPGyz2jImhu0fiqAlrmm93smYaUiVJX1YaV7nMqjR7JZtdGFjjDr4nNIZr5Gev0m5ptGVhLg1evfu4QvOuzXJof7XDWiNnf--JNNAlMM85WTSiAcODwOEkbK1ykXQr63Wo2ndi3_Hnr0ir7C8r0akoQHigpQYm4lODajivIsAE4duYjIsEgAeuovKJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEJA10ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTMyMTYyMzE5MzU3MTMwMzgYAA&sigh=bhy0VJ2iPF8&uach_m=[]&template_id=5028
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 11:29:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 01 Oct 2022 11:29:49 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ Frame 478C 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
07e0995e5ff39e3618d020d81059c953d9f0e2713b46cf53e945bbb936cb8879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125814
x-xss-protection
0
server
cafe
etag
8000393324708363401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:29:49 GMT
zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB25 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 03:14:31 GMT
x-content-type-options
nosniff
server
cafe
age
29718
etag
4870481765684750750
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3412
x-xss-protection
0
expires
Sun, 02 Oct 2022 03:14:31 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CB25 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-33512474804079522423&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3179&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786977&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2640&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:16:51 GMT
x-content-type-options
nosniff
server
cafe
age
18778
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 02 Oct 2022 06:16:51 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
51bafcfe72351c0af2fe51cfc7bee6b3ae0e8f1219d73f9be0a706a76c94c494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 01 Oct 2022 11:29:49 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9xaWFuZy1uaS1kYWktcHUtbmFuLXNoZW4tamktbGFvLTEzc3VpLWtlLW5lbmcteXVhbi15aW4tcHUtZ3VhbmcuaHRtbCIsInRpbWUiOjE2NjQ2MjM3ODkxNDV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
server
nginx/1.14.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A6E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 61D8 		783 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
54bcf47939a0c3c99b6e1c2ffb850422ef83f6f95f3b74bcad3b280851eb40c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XSZRFQ6AxWsVZw5TCJPn7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-XSZRFQ6AxWsVZw5TCJPn7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:49 GMT
expires
Sat, 01 Oct 2022 11:29:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0284 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 096F 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
f76ea38e84200d83685c8379ccdfea6a34b8ea9e55ac5ca58e34fd42b03be825
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GtBZdWrcJ5SpEh2EOCV8Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-GtBZdWrcJ5SpEh2EOCV8Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:49 GMT
expires
Sat, 01 Oct 2022 11:29:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/ Frame 71E3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 71E3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 462A 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
8df86175b747d53516e49ecbbfac5409c4bd4e14dc3333bbfc5149ef755dfe4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15833
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:50 GMT
expires
Sat, 01 Oct 2022 11:29:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 478C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 478C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98F8 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
4d335a4f3b8eef7ea04141f851f67284af42c7b44cc22e250ee42aac9920b819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
16099
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:49 GMT
expires
Sat, 01 Oct 2022 11:29:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 4A6E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 0284 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 096F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=1477091843568708&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 61D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=3970019963835365&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4A6E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?snb9fQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0284 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?28uJ_Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9s0&_p=1285&cid=2018508922.1664623790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664623790&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&dt=%E5%BC%B7%E5%B0%BC%E6%88%B4%E6%99%AE%E7%94%B7%E7%A5%9E%E3%80%8C%E6%BF%80%E8%80%8113%E6%AD%B2%E3%80%8D%E3%80%80%E5%8F%AF%E8%83%BD%E5%8E%9F%E5%9B%A0%E6%9B%9D%E5%85%89%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0E5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvtJprSQ4Y7a-J6G_vcAP9ZyFqAis1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEuQFP0OlCtlHEJOBcD7CfbSAozDBRMWuOTXcmFt5yyZQRd8--lEBGIzBBZDT_lQv4xyd_grPN0SXImrZK4xivGJU2tfwEK5A-DWJYmsXekEBjtX7vLav7CWXQPsRnjAJ_a2Bqa9PCySpgI6w8c6sCWzu4MY2iIHw970nkYdJEMCOuitIsKA2DU_O5VUALGZD_NcoJ3Dgn3RDhlwyW9x_bqTdgBZZoWDIZOefo1ZpIw_myUGYwvCwtfMnyF4AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=pbVDBE3LU94&uach_m=[UACH]&cid=CAQSKQCsnQUxnUbHNG9r811jsIlmqy98Sgv24CZQCxA_VAVKeN3hBAjPdrQbGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 11:29:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 0E5D 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.344339E-4&viewability=-1&device_id=4&cbdp=0.014&slotVisibility=2&dn=bg3.co&acid=8275cafd38a14c8c8137c10726d6ebc8&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-9f7d664b7-9g2gj.SG&ogbdp=0.02&prvReqId=39679432053656_416911690_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1664623789758&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:50 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 01 Oct 2022 11:29:50 GMT
log
qsearch-a.akamaihd.net/ Frame 0E5D 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=6.0&adtyp=0&req_id=YzgkrQAKsfwCD09DNgYfAA&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=72.2653&exp=&fdbk_id=&second_bidder=*&search_res=41&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0136&ogcbdp=0.0200&dfpbd=0.0136&server=1&ogerpm_wd_bkt=0-1&model_version=202210010024_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=32&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1664623789758&cc=AU&strg=harmony&ss=&current_hour=11&time_stamp=2022-10-01+11%3A29%3A49&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=8275cafd38a14c8c8137c10726d6ebc8&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=3&visibility=2&totalTime=3499130&dmm_m1=2022-10-01+11%3A29%3A49.759874919&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-9f7d664b7-9g2gj.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:50 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 01 Oct 2022 11:29:50 GMT
nmedianet.js
contextual.media.net/ Frame 0E5D 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
265aa332f8386c4309e4e57fa53f6339e7a281249a2f14d5986b04b2b62eb35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
22-hhg9
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 01 Oct 2022 11:29:50 GMT
server
Apache
etag
"6317222b936ea1d6419d80ca4deac11f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:34:50 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 0E5D 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 01 Oct 2022 11:29:50 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=16782
access-control-allow-credentials
true
content-length
62892
expires
Sat, 01 Oct 2022 16:09:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 0E5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 0E5D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
l
www.google.com/ads/measurement/ Frame 0E5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZqvepxkyQtAk6i0eG3Fck_AKJ1YWg4nCO515CHXmfiUh-EPF8wbjWK4aEXLDnGOAyV1qH05_bBycpk3FugmdfHxK3Dg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E5D 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F7A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1AQwrSQ4Y6K2K4mfn88P0NiCwAas1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0JcPz0E8Fl8vYqmg-oXXNEy4JKh3p1frRRfy_OeIN-AryFX1GeTF59oI9e3bBzep-HYSshc12ZiyzZshlTTnBvbh7VAIJDEMGmiJNvY-CnPZDuzyVEIUEBTQV6A_P2JHUV21nikm08CQGxXNJ3zRXYzNfdlWJa-ZG5JAS_8jNeJb8XGK8ZRSg89Q9Ha3x0GtBJJ41XgJyHdcprgZAfNuwESxmNjbGK6QwLbmg0cme9_tAHvHBkW9c9udM05i57t-4HaGRAy_gpR7nQEf-GerceKIQBSABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=Zt2ufnWC1vs&uach_m=[UACH]&cid=CAQSKQCsnQUxuzMRV9ikyzQK91Btc___MzDwHe_DtnhJtdn8d0SGnyv_0NooGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 11:29:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame F7A1 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.344339E-4&viewability=-1&device_id=4&cbdp=0.014&slotVisibility=2&dn=bg3.co&acid=7051a0456e3b4be9ade00f1d49cf7e2b&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-9f7d664b7-g8ns9.SG&ogbdp=0.02&prvReqId=38825707890236_2025266781_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1664623789866&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:50 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 01 Oct 2022 11:29:50 GMT
log
qsearch-a.akamaihd.net/ Frame F7A1 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=6.0&adtyp=0&req_id=YzgkrQALmWkD5_99LQO4ZA&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=68.9298&exp=&fdbk_id=&second_bidder=*&search_res=40&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0138&ogcbdp=0.0200&dfpbd=0.0138&server=1&ogerpm_wd_bkt=0-1&model_version=202210010024_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=31&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1664623789866&cc=AU&strg=harmony&ss=&current_hour=11&time_stamp=2022-10-01+11%3A29%3A49&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=unison11&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=7051a0456e3b4be9ade00f1d49cf7e2b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2903149&dmm_m1=2022-10-01+11%3A29%3A49.868108182&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-9f7d664b7-g8ns9.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:50 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 01 Oct 2022 11:29:50 GMT
nmedianet.js
contextual.media.net/ Frame F7A1 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8972d0c800648a8dea7abcc52b7f5761067765b08bf1bc940246f7b279d737dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
22-hhg9
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 01 Oct 2022 11:29:50 GMT
server
Apache
etag
"6317222b936ea1d6419d80ca4deac11f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Sat, 01 Oct 2022 11:34:50 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame F7A1 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 01 Oct 2022 11:29:50 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=16782
access-control-allow-credentials
true
content-length
62892
expires
Sat, 01 Oct 2022 16:09:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame F7A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame F7A1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
l
www.google.com/ads/measurement/ Frame F7A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRxEckclBURIR4xGWrjC1pMpNtRyA0mSPNJnB13AbGeI1MgLtmWTEGUU4DtxNQOIJUZ-MHi4LGwzhNq5R56DVxMLb21A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7A1 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:50 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1824631024451244&correlator=441007884642688&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D743a3f7622980de%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D75ea7d3e372ff33%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D76463c7b2cfcb64%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D6f4c87a071f79544-223c3ecad2d600f3%3AT%3D1664623788%3ART%3D1664623788%3AS%3DALNI_Mbv19KpLQnVd0bdDO8Szkgn3oUjXQ&gpic=UID%3D00000a153b26165b%3AT%3D1664623788%3ART%3D1664623788%3AS%3DALNI_MbHODgTsRph-bxORIxFznCnayypgQ&arp=1&abxe=1&dt=1664623790653&lmt=1664623790&dlt=1664623784337&idt=3658&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=2018508922.1664623790&ga_sid=1664623791&ga_hid=1285&ga_fc=true&ga_cid=amp-lfEJphMrir-y-H01hMFB_A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
5f95b5ab38cf5c6b6ac98665021e6bc6a48b3959e37094b613a4a911246a27a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21954
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA38 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:50 GMT
expires
Sun, 01 Oct 2023 11:29:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:29:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9CCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=3970019963835365&bg=!wMOlw4fNAAYQgTJdMIE7ACkAdvg8WttfKx978cvApUUdcDl7f4wrjtn2eZ9DKPBf44g39GVfwRhYOwIAAAD7UgAAAAJoAQcKALOeJFB3sMmS90jOy31678pQLhgQIeoxWYAfF8hTVfJmB81sm9u4Wk-FYbpzAaOTRAW6uzuL4GhobdzedsrBH4VC36B_Mhcw9kNIJRGdVvuCHkEcMPJ8KFvuGTzv8QubhCNgtiRtrwESqtikP2gbbS9fS5_eHhOt9qnw_IVkFsnH6-HfGqFQLWcNFeUVIFSR2250VwmhV5fKQC6h3AnUFYVzl1WcZQHoZw8_uyE6NNaAY7xyFZkCtegvQ7aY1JLEIhssgGdNoRFCEt_TUqWdEMeznJZR3ohoy3ts2pstcVmOxpKOK2OSoxuh6o6Ro78KccAVfVvYr47A0w-KUYJKhGKqKP8MIaOOcdy5KmV8gXs2T-Sv0HdKIaGLXvW7tFqtLWVSlXhuI87hzBYdZOc4tqWu2loyQ3-zb5IhoFtmkBDIJs7bMr4-M95YxygI4hjrhkNjO81gXm6uyY_9JMR8jBEdQNoBsbcj6UmyJNdjfvuzlSGm9UEiGeY_UyVcLZ1nFJwSGOiZ6FvWgpFVPjxIEsWjAr1Nh6Esm5DrYdPAj-EyyCSrhe090TvxKH3jxqPiz0yr6qykvhRM_BDww0YSBIEfrX5DjdGoi_aJKsHiSygYG8JNe3V5H-RWm574fBPTySUUEdr__xuLomBgwE2fl40iOT0QEvkDFVEtRAcWa8wA6kxSBRs16X_QWXEi0khb3IMlYBq7QLhFhdoiwkR_g1Zpq58vI6dv1q7gG0XSWsfWBskS96YoUcTUFBVmkg6hMzq3BaqXz_rciBCvqRTvOg2XPH8YHgLXtu8lk7tC0YB9pgtXANgCWbcndquGg5-G9lSfeZGPBftG8iFwM59P-AQ4kIE2hXRRrmTLQY0Kr-lDj0TeaemuT8x5IzjllQtRUlT-dM_HPtJdLAxq5C_584HgVUQpqUOsbDF3Hfj4C0HMa7mLBLzHDM3QMY9WJVj7s1xwYPlMpsfatCbNA2CsytkG9K7lPs02YtNnpccY75PRGkbR8Fo7MQq-QFtkkwIxsaxV5ikTbaaIbSuKhltSTohV7JijRUpsyzwgA51xRftUL6BmhmwOD-TB6X7kjNsCpR6iraTEoSsSFnawCebWNhjwZf-I8WpaRDOpxrLT-I5Qn1BWxuwX-HQKuzENycxUPLPzuBv8Dsv7aukVaQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 99AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=1477091843568708&bg=!BQalBkLNAAYQgTJdMIE7ACkAdvg8WjuV7EPSbX5v6-Yyn9t_a7eTtGpLuTAhNk2b9LCruD_aPnIJDAIAAAECUgAAAANoAQeZArZBamf2ccM2Gr5Fk_Qob5rv3dS0ECJzFluEZwkKbUMk3scaOP0WiETWaj8f_tH72fLpj0T5jcY3BUGk69JExZ6gBhtiCaEy1vKc02demURebIDb4fDAe-P-eI-QNjZCXfh-7w-sjNqkuaxndFjrbxl9NEjKx5UsIseIvVcXRO3B6ne0HMS2F7w6Jd9k5ekVdHghmdubh1H2gxSAJkPnHOhMPkcfrul4PUJKgT2WaZ0koTWGYvA34HNHCgrYxBZFJdtv44jKGz7GXkWB7jwzBJOfVgUEF230WorsnjBzb0bxrLrY7cTQmJ2TJw43QBQa8uTiBghn7rFk6r1EUYqW36VNUNQZLUu7bmjkZuPtiyQGmLc_WZUqDQ4tCrXyl0md7U7JPuVXqo_hlsVIx0KjnGagpG2wHoLMZQv-ixPJfjlUg2fuRmOVYElFhWvYDalI9TEM9YIOQ7n8JU27-CWMkDsEhh616ZOnj_CxB9jjPe139NXkYTiLoG8SHjfuugAiTWeKj1TTqRajBdPFj73RLPGZ5MjInMQffBvkNBCV77QIMMVKRsymhKXNzqvIMQO8zTUhHpg2kdc-QLtmSDF8WqMI2uM-Awl4SRmhSp59MAQQ33svLlsrj8alvhIE5GocMSNHuYV0h2boE26gJzbg6b022LGTZ5zfh34b1yEIRTM3YVuPgC8BQUP9u0aaip8tiYj0RQ5pT-jEkJHDt2Qel0YRxvVSBMuOrY_b4j0QERcxvqH-yU1dULB6qfpyH279Xn8yT5KF01yxbQ_XeLEPTSmY9Lb1oXY9wGvfz-Z370OpsLG3AWmNOSmgfsyqevRep9XySl611yJgTloi4XtxZBOFxLVwB-15HTSOoweyHuu4LebBkxbtXV0m1PMCwjzKofL9d6FHJTZuI7W2jNlK7hlubzhC5sUD
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smtr
contextual.media.net/ Frame 0E5D 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1664623790352318519&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44N4gN/qa&bcpf=B44N8fOnRrolnfOur84gN%2Fqa&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0393336782t202210011129&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b69eb69fa598c6231a4ae3544ecf1122238e5cdb8713cc8fc3558709ced3289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
22-00md
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-fjkm
timing-allow-origin
*
content-length
33443
expires
Sat, 01 Oct 2022 11:29:51 GMT
bping.php
lg3.media.net/ Frame 0E5D 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=806&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1664623790352318519&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886995206&r=1664623791169&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1664623790194266398&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0393336782t202210011129&vgd_pgids=1&vgd_uspa=0&hvsid=00001664623791166029185683033610&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sat, 01 Oct 2022 11:29:51 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=22948
content-length
15
checksync.php
contextual.media.net/ Frame CEAB 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53b2d93227aed1e39ad5c0baf449453d05567d303cd2b62af280f056a9d04fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:51 GMT
expires
Mon, 03 Oct 2022 11:29:51 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 0E5D 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4510&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YzgkrQAKsfwCD09DNgYfAA&s_city=taipei&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.344339E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=b180e62b&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=13.0&adj0=0.0&tmax=300&s_ip=172.217.42.12&adj2=0.0&adj1=0.0&feedback_id=YzgkrQAKsfwCD09DNgYfAA&adtypes=0&mx_aabpc=0&reqid=YzgkrQAKsfwCD09DNgYfAA&sc=AU-NSW&sd=1&mowxReqId=8275cafd38a14c8c8137c10726d6ebc8_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1664623789758&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-40-3&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=8275cafd38a14c8c8137c10726d6ebc8&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.014&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESENACMCdjL807bnhgHzc87uk&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664624390013&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.014&pvdTmax=254&ltime=20.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=39679432053656_416911690_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=26&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-764866d65d-gfzjc&currsrc_date=2022-09-30+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-01+11%3A29%3A49&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_Pl3GGCK7uP4O_frVP_5i-kP_VYjzqie0MZ8fY-gLcLAmlF5M434sYyK9AQggjFxsBDg&dmm_ogerpm=false&csip=rtb-common-istio-9f7d664b7-9g2gj.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D30~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022093021~iurl_b%3D78616.35~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.11~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D101%2C102~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100107~vis_b%3D130.31~url_b%3D0.01~url_tvi%3D1307~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DZW~bm%3D0.99~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DgYpB61XwW6UnHgaLA2~btd%3D248904454597467090651812309051811162458017523719768629008489594256123559451020653559812~d2p_l%3D70~3pcf%3D2.02~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.66~ogd2p_b%3D0.61~vurl_b%3D0.07~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D16.52~vurl_l%3D50~CI%3D2745~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D13.94~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.89~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESENACMCdjL807bnhgHzc87uk%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.344339E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1409&sf=0&cpr=0.19778760067757029
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 01 Oct 2022 11:29:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 01 Oct 2022 17:29:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 41C1 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0E5D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
630d602b744d1fbdd2dd125e51b2581743ba230c89578c0c566ba7a27b2b5764

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame F7A1 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1664623790184782149&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44N4gN/qa&bcpf=B8fOnRrolnfOur844N4gN%2Fqa&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0393336782t202210011129&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60124fb3ef6c2b27a806f40c62188fb221f02aa9b4d1ccaf371767ea08eba2ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
22-c10f
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-xpnl
timing-allow-origin
*
content-length
33469
expires
Sat, 01 Oct 2022 11:29:51 GMT
bping.php
lg3.media.net/ Frame F7A1 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=806&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1664623790184782149&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886995206&r=1664623791363&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1664623790167019783&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0393336782t202210011129&vgd_pgids=1&vgd_uspa=0&hvsid=00001664623791360029185683031708&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sat, 01 Oct 2022 11:29:51 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=22948
content-length
15
checksync.php
contextual.media.net/ Frame 0DCF 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53b2d93227aed1e39ad5c0baf449453d05567d303cd2b62af280f056a9d04fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:51 GMT
expires
Mon, 03 Oct 2022 11:29:51 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame F7A1 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4649&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YzgkrQALmWkD5_99LQO4ZA&s_city=dallesport&ugd=4&bcat%3C%3E=1000037%23%2310539%23%231000036%23%231000004%23%2313612%23%2313740%23%2310445%23%2310031%23%2313423%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2311321%23%2310106%23%2310366%23%2313566&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.344339E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=100&commit_id=b180e62b&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=172.217.46.129&adj2=0.0&adj1=0.0&feedback_id=YzgkrQALmWkD5_99LQO4ZA&adtypes=0&mx_aabpc=0&reqid=YzgkrQALmWkD5_99LQO4ZA&sc=AU-NSW&sd=1&mowxReqId=7051a0456e3b4be9ade00f1d49cf7e2b_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1664623789866&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-40-21&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D100%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=7051a0456e3b4be9ade00f1d49cf7e2b&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.014&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESEDHJ1q9fwzkjKJYrHkyvrZM&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664624390120&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.014&pvdTmax=75&ltime=19.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=38825707890236_2025266781_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=23&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-764866d65d-srtcv&currsrc_date=2022-09-30+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-01+11%3A29%3A49&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PnJQkNLh3Yp7QQ8ZDOwbZjS24Zr1SXyZRrO-Z09mxd-tkfFP-rD7NJeOqz-Ptw7IkCs&dmm_ogerpm=false&csip=rtb-common-istio-9f7d664b7-g8ns9.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D28~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100105~iurl_b%3D78616.35~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.11~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D101%2C102~et%3D12~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100106~vis_b%3D131.13~url_b%3D0.01~url_tvi%3D1307~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3D10K~bm%3D0.9~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3D1HeXvShTphieNIRSmk~btd%3D248904454597467090618112375717872982440897885008561149912304659836408082223795677761540~d2p_l%3D70~3pcf%3D1.47~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.78~ogd2p_b%3D0.61~vurl_b%3D0.07~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D12.79~vurl_l%3D50~CI%3D2745~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D13.85~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.8~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESEDHJ1q9fwzkjKJYrHkyvrZM%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dunison11%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.344339E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D75&utime=1497&sf=0&cpr=0.7361013169858568
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 01 Oct 2022 11:29:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 01 Oct 2022 17:29:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20D6 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F7A1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e9c7209b8215c5cddc6d22ffc14d2c0e203faa0e3aed8c1b13b272ee57cdc0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESELaEF6B2mLOXk8FGjO3oQwU&google_cver=1&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpz...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpzHfk4nSLKDFDfmRi8G_RKMUW8XIQKW6Pcw1yoIMYVJed_Y8Lb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpzHfk4nSLKDFDfmRi8G_RKMUW8XIQKW6Pcw1yoIMYVJed_Y8Lbmjfa-11bwoZrdXLborHUma4UY&google_hm=QVRwX0RrV1RXdWNCNHRyZWRRdjEtcC1mSEJZ&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:52 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg-nwdOSqA-Pv3OrHIBj2SKGNrCKzA7nk--20U2eQAcv8xJKpzwA0GIFDBHdbJdaGSrreT8StbbIpzHfk4nSLKDFDfmRi8G_RKMUW8XIQKW6Pcw1yoIMYVJed_Y8Lbmjfa-11bwoZrdXLborHUma4UY&google_hm=QVRwX0RrV1RXdWNCNHRyZWRRdjEtcC1mSEJZ&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 41C1 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAzlnxq7F8F-8VhmUFCDAwY&google_cver=1&google_push=AZmPxg9E0JvJ2tvuXkbUHUIFUhHkc13vOkSmso7hqCgqOD8zxS0JQ2RzWZt41lNbt4AFKTkGY_Gfy2BrbWA0qH0TdkQUDyHh7HIF-ps7HeFX8rW6LcfqwhSo22JpmDoLInlPMj99OXYDRs56D62sgM-pfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMkwoeH-vv7h9fqmCigiRfs&google_cver=1&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLD...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMkwoeH-vv7h9fqmCigiRfs&google_cver=1&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLDKbTlCFfFXdUDPRlRTWMDTcUyqw4vJJ3x5cW1ughcJFuPBjajH4T6iHTIM8CtKA7U5yIRuIE5Qg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8yp4xqfnZFlUeiEB0naFoRKnolDJtTJXqSFdlTYYK42k_rb0F77CmcXndc6d5MJHeN0cje_GLDKbTlCFfFXdUDPRlRTWMDTcUyqw4vJJ3x5cW1ughcJFuPBjajH4T6iHTIM8CtKA7U5yIRuIE5Qg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESECmTADH3wl8OFgQZ883GZXQ&google_cver=1&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQw...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQwKobCUoUQH7pHpxsjccU6cEeYQDahoE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQwKobCUoUQH7pHpxsjccU6cEeYQDahoEbcZiiEPVf5McGZFy6EnhRUotSmSNJDs_8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9m-NBQbjfkDAUQ5EtMEMuXu_nbTL7M5IwA7zDMqMvn9FTm2wmFbpPU6_YhOyn4wxYFEiR8h9UNSiZg7qhLYEQwKobCUoUQH7pHpxsjccU6cEeYQDahoEbcZiiEPVf5McGZFy6EnhRUotSmSNJDs_8
date
Sat, 01 Oct 2022 11:29:52 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELP5paSUnII92O3u2tiH_tE&google_cver=1&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1j...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLv...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1jbETOpRTe5UtwbsaKe8bm_810UlVLXmvlMhypT-hPeBjSR1iH4ErCovGk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D&google_push=AZmPxg_LgU9mupZba9RHnd23rTnDKjPPIpFj1UyUb3lUBqF0LlzzWdLvsxMBggb6gqLtZIMTC5gosIupT1Pt6mbTSPvpcTHNi1jbETOpRTe5UtwbsaKe8bm_810UlVLXmvlMhypT-hPeBjSR1iH4ErCovGk
date
Sat, 01 Oct 2022 11:29:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEL6cJi7ybLl6esYJaBo55E4&google_cver=1&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EE...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EEI5fsi0HI0Z7fCmPBg89qTH947AVUaEpV...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EEI5fsi0HI0Z7fCmPBg89qTH947AVUaEpVNOARVGvm62hHzq7HnrdwcCS9pxsC6HvikISY&google_hm=ZTg2ZGM0NTQtMjI5OC0zZTQxLTk2ZTUtODI3NmU3NjMwM2Ux
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg9EzhG04trNfugnawBBurZYAyQr2IYzF-143mLa6oKVhvv-yqPP1QkgSl0DybhFURK7WElT58zzmu_x-EEI5fsi0HI0Z7fCmPBg89qTH947AVUaEpVNOARVGvm62hHzq7HnrdwcCS9pxsC6HvikISY&google_hm=ZTg2ZGM0NTQtMjI5OC0zZTQxLTk2ZTUtODI3NmU3NjMwM2Ux
date
Sat, 01 Oct 2022 11:29:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 41C1
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEOT60gaGIbkSfyLVcrDzL7o&google_cver=1&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200m...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOOr1mdmsHhbRE_L0uf7A7vvpDP1I0aCej4KknhQ&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSm...
  • https://cm.g.doubleclick.net/pixel?google_hm=i8ciPZzEUaVusorpnHmV&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=i8ciPZzEUaVusorpnHmV&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=i8ciPZzEUaVusorpnHmV&google_push=AZmPxg8ku7vsM5AT7bQiq_Qh_B6zBRp8SewoAMY_OUhFq_an7sQvGE6Jl4bJgLLQ8Xy5vugNlUM53zHw8H5vo3pwIOSmDJJb3XUP200mHbp5PibtPnTi7OAxzp1DK7Art_C2wyQ8bKXo6P1i14z4htelAoVV&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
281
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 41C1 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImhqDZESUOIcYy-O5YNer2h5v2uuAvRFp8lc5YWZcUVxh7ne-wEOI0AU7QWg5PRbcZ7DAcRQU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame CEAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NjI1MzkxNjgzMDM3MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame CEAB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Oct 2022 11:29:51 GMT
dpixel
cms.quantserve.com/ Frame 20D6 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExNAypDvUrNiceOZ4NyWsk&google_cver=1&google_push=AZmPxg-uKjZZIyVXkyC8I0UPABD7fC9_-hZwG_S0aIH-oBC0AGdUtPw0J_IJx9h1oapErpypXI9-1wft2h4_pN3P3nrmUePV-2s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELo0eJgx-AfcQgEpHAZy29U&google_cver=1&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBl...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBlamkEOUSV-3PJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBlamkEOUSV-3PJ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 01 Oct 2022 11:29:52 GMT
Server
MT3 4525 e1952b7 master hkg-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_tFa2amZgC1mfj6PnEuXofod_x0NU7cpL9Q8DwKP6tnKILuLJtyxj7AM-NzyS5B2cJMAGni65QlP5qbfBlamkEOUSV-3PJ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 Oct 2022 11:29:51 GMT
pixel
cm.g.doubleclick.net/ Frame 20D6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHrq5JSpkDHfQ-S-9E1EnGM&google_cver=1&google_push=AZmPxg_5e81cvOPWhiBlFuQLcyAQ9mKPzy4Ll3d0W_xgJBCNDWwAwOdW9T2kCARAvseQvW_4At4O-KT...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHrq5JSpkDHfQ-S-9E1EnGM&google_cver=1&google_push=AZmPxg_5e81cvOPWhiBlFuQLcyAQ9mKPzy4Ll3d0W_xgJBCNDWwAwOdW9T2kCARAvseQv...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=PUmmrNh-SjmzMCvnMf2Ay2M4JLA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=PUmmrNh-SjmzMCvnMf2Ay2M4JLA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=PUmmrNh-SjmzMCvnMf2Ay2M4JLA
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 20D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOb_W91qnLdkGkVfLEzR6Bs&google_cver=1&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOb_W91qnLdkGkVfLEzR6Bs&google_cver=1&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkk...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c517c859-213d-4ae2-834e-1c2a02286ba3&ssp=google&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524419749888161839&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524419749888161839&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=a1b328e9-f147-491b-836f-9bdb746f7b7d&ssp=google&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524419749888161839&ssp=google&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207510804291002756105&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=google&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6&google_hm=xRfIWSE9SuKDThwqAihrow==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6&google_hm=xRfIWSE9SuKDThwqAihrow==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-C4o9oda4BKFwFNUisiIyrVr3VjMt1RCx77a6guiQzErhzpItii3YrtQpjCdgbfLsbsdzzl_G_sYgPkkMtcoQ5rdXz5Lx6&google_hm=xRfIWSE9SuKDThwqAihrow==
Date
Sat, 01 Oct 2022 11:29:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 20D6
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFd04-fN8T6Ck0K6TG12vIc&google_cver=1&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSa...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFd04-fN8T6Ck0K6TG12vIc&google_cver=1&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kOM2n5eHSoaEbvCcc-LA1g&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kOM2n5eHSoaEbvCcc-LA1g&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSaleJMc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kOM2n5eHSoaEbvCcc-LA1g&google_push=AZmPxg9WldekJYT68CUC0f3a2Hc7_P_gspxU-e9CZUPJPo9mDClev6Ukhjc9XFhcFO-0MPoO4XsqjLEJC6GeNmy-jOWTSaleJMc
access-control-allow-origin
*
date
Sat, 01 Oct 2022 11:29:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 20D6
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKPSs8Ag2znvY8fzTeVxBM8&google_cver=1&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As&google_hm=WXpna3NNQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As&google_hm=WXpna3NNQ284WDhBQUctNHUzVUFBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
9
Date
Sat, 01 Oct 2022 11:29:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEKPSs8Ag2znvY8fzTeVxBM8&google_cver=1&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As","cluster_id":9,"gdpr":false,"ipv4":"173.245.209.111","key":"YzgksMCo8X8AAG-4u3UAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad169"}
X-SO-Key
YzgksMCo8X8AAG-4u3UAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad169
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_hYB5Y5bwjwJTdY00B2A_wI61wvyo1P0tOiQ3OcAtVIypi4QMucTvbJc6_XVX_X-JeenBPqPPWtasAG8xNOrRc2Yz29As&google_hm=WXpna3NNQ284WDhBQUctNHUzVUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad169.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-IP
173.245.209.111
/
b1sync.zemanta.com/usersync/googleadx/ Frame 20D6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOkzRG1wCVzmKYEMMRbQSzU&google_cver=1&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdl...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOkzRG1wCVzmKYEMMRbQSzU&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdl...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Y5hgwfcGKfp_-XKQZKCSsOc-ENbTLGdzfGRmq2tleGPXG8OqozG6YSwHUvzUOTLxiBbPewSuatGXdldKjgytqJD4cj-UoSA&google_hm=Z1U0NGFLb0lZZGNnUk...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
64.202.112.255 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 20D6 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4sM-G6AWZZk8wJDAAdF8tXTN6RHYugu8Yy7DWyCFuc2Jgx22yJ1TgBHXpV9DwXkJqqBWZqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789109&bpp=12&bdt=241&idt=291&shv=r20220928&mjsv=m202209260101&ptt=5&saldr=sa&correlator=3320968579404&frm=8&ife=1&pv=2&ga_vid=208553748.1664623789&ga_sid=1664623789&ga_hid=278133060&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=1158264308673769&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4v6z4brohjt0&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame 0DCF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync
cs.media.net/ Frame 0DCF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NjI1MzkxNjgzMDM4OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDL-Uy_FzE-v01Rls63mTCY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame ED41 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED41 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED41 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame ED41 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5250&&&vgd_l2type=sca&fp=FnZYo7G4iSfp5-Rs1OBmo1GxS_NBijX5zCyLPgfhEyXNKj5J6_OR2aW7f-DdyYmpieq4vPrVhvOW_Sz0K0zbwEJkWoiWAY2g63SdpnR6fLROLL77mSYNin4CgyvwSiNU&cme=xl1mjTZYOnpLhbeqUYN0Ytpd2RwIJ9wdRS4Cqtv_COOVTmw8kf6_NBHxlifDrtoU4UiTIDgqV2fRSVrbeUjqUO8D4OWiYDUeVuC18VQZsv5g7fHDfdnWHNZV3JeZzVTdHZ7iIUxyLQ27eePkpRUqQJD-TgxP1_EqW097k6YUhp7yA6VyZsZ2MwozmtF4GGIOSR6Ym8d_7EE83w4-MJFlSA%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CbYc2tEkUPgkjvTPRTqVvovE3f1Svdh4GA1HFujZVnLRXTolXZqBOc8vJEconSqPLSip1A8CRnn4b4sVC8Hv5ezzHwTqJ1eaxb233HnueVzNa9A8EwamojgXpaQGF4P_XSBxv-3aEauLGs7l4BV6cHmzMXq7aCHlIMoesVZ3Y7VMmMqyhf8V4_LKHxIJNJuIOVxEv5aYnVAIoSq4gpVOsTeWCDbG_vsDE-OV1cNFfmts%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785172&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C1%3D0.39%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.53%7C12%3D0.36%7C10%3D3.62%7C66%3D0.93%7C63%3D0.26%7C62%3D1.95%7Cps%3D0.968%7C3%3D0.14%7C4%3D4.00&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C1%3D0.22%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.23%7C12%3D0.19%7C10%3D3.62%7C66%3D0.49%7C63%3D0.26%7C62%3D0.98%7Cps%3D0.968%7C3%3D0.20%7C4%3D4.61&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=329544111&kbc2[]=0%7C1%3D0.79%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.79%7C12%3D0.86%7C10%3D3.62%7C66%3D0.42%7C63%3D0.26%7C62%3D0.49%7Cps%3D0.968%7C3%3D0.77%7C4%3D3.64&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=0%7C1%3D0.68%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.68%7C12%3D0.75%7C10%3D3.62%7C66%3D0.42%7C63%3D0.26%7C62%3D0.46%7Cps%3D0.968%7C3%3D0.86%7C4%3D3.44&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=27190006&kbc2[]=pmb%3D1%7C1%3D0.96%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.96%7C12%3D0.07%7C10%3D3.62%7C66%3D0.35%7C63%3D0.26%7C62%3D1.83%7Cps%3D0.503%7C3%3D0.71%7C4%3D4.57&ktd[]=1126174818636032&ktrkt[]=Stocks+To+Invest+In&cid=8CUABW64L&vi=1664623790352318519&tdAdd[]=ib%3D0&vsid=3076253916830344&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785172&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1664623790194266398&sttm=1664623791166&upk=1664623791.13172&hvsid=00001664623791166029185683033610&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3076253916830344&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvA9~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9iA9fu~8xLjMGvhWFuF.AX~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uu~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vu9u%2Cu9f~J7vi~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu99u9h~e8QMGvuA9.Au~xLjMGv9.9u~xLjM7e8vuA9h~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~csRv2p~GYv9.ii~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ovy3ERFutBpFPzqy1TKf~G7OvfHWi9HHXHXihHFh9i9FXuWufA9i9XuWuuuFfHXW9uhXfAhuihFWFfi99WHWiXiHfXFufAXXiHXu9f9FXAXXiWuf~OfEMjvh9~AENkvf.9f~x8Yv9~myMYQwv9.9u~OYYMQ7Lyvw1LYmz5~OfEMGv9.FF~myOfEMGv9.Fu~exLjMGv9.9h~QQvIK~x8Bvou~NJv9~LEQMGvuF.Xf~exLjMjvX9~%3DVvfhHX~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuA.iH~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.Wi~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uH~OYYvw1LYmz5~Qx8Ov%3DK4b4IK%3Dc%3DOdTW9hGzwyqlNWhxU~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvOJk1xj7~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.AHHAAi4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXH&vgd_optout=0&vgd_cfud=220331&vgd_scsver=325&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001664623791166029185683033610&subBdr=186&bdrid=4&rc=0&rand=1664623791857&acid=8275cafd38a14c8c8137c10726d6ebc8&matm=1664623791857&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=1729&vgd_rtime=1722&vgd_etm=13&vgd_l1hcsd=Shhg9%7C6515&vgd_l1ch=1&vgd_lhl=2772&vgd_pgid=p0393336782t202210011129&vgd_adprefflag=11&vgd_csip=rtb-common-istio-9f7d664b7-9g2gj.SG&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sat, 01 Oct 2022 11:29:51 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=10478
content-length
15
truncated
/ Frame 4D0C 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4D0C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4D0C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3777 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:50 GMT
expires
Sun, 01 Oct 2023 11:29:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EBCF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:50 GMT
expires
Sun, 01 Oct 2023 11:29:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 87CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:50 GMT
expires
Sun, 01 Oct 2023 11:29:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bql.php
lg3.media.net/ Frame 4D0C 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5303&&&vgd_l2type=sca&fp=FnZYo7G4iSfp5-Rs1OBmo1GxS_NBijX5zCyLPgfhEyXNKj5J6_OR2aW7f-DdyYmpieq4vPrVhvOW_Sz0K0zbwEJkWoiWAY2g63SdpnR6fLROLL77mSYNin4CgyvwSiNU&cme=1L330woNXGPMRt1u2aGRo_AXU6rF-DjMmz03Y4A95_GdyiYmYn2Su87YMzZJ4P0nA8Pxp17o4Ggn--9JG_EVsTLAEaVA13Sr960YdDdnxLkRU0itIQ-9LO5Fex74Uek8c9iOAHIJS46o2BRbyq61b1k5bfWnC5KgFutk3HAgwQ_gsFabmlCek57X9lRJi2RkKXY7wHfCvpyzXHWyVSJ3bew2Hrv78tXl%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CsA9IVbGB0Ed5g2VDlBBzM6qBPYlcOuCSPDas2YBYvxROH7zuGxVd3hyNsXGVrlVPdo4ucsSKXxVg9pwgK06Dtu1_jfG00h-mqgcbEE9crOZ-e1qClWKhhrmH_TaiDO32KTRFQlUuek4qgOG85JzhvyNUW2gyolkmLnRYHcPwI_5A3WGxoBTaOWUXCeAyrnHuf1RhZCg9KiErGBGtl0I0T38WlDr0Evx2ATbSTPBdpV4%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785159&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuOu99&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C1%3D0.39%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.26%7C60%3D0.53%7C12%3D0.36%7C10%3D3.62%7C66%3D0.93%7C62%3D1.95%7Cps%3D0.968%7C3%3D0.14%7C4%3D4.00&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C1%3D0.22%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.26%7C60%3D0.23%7C12%3D0.19%7C10%3D3.62%7C66%3D0.49%7C62%3D0.98%7Cps%3D0.968%7C3%3D0.20%7C4%3D4.61&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=329544111&kbc2[]=0%7C1%3D0.79%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.26%7C60%3D0.79%7C12%3D0.86%7C10%3D3.62%7C66%3D0.42%7C62%3D0.49%7Cps%3D0.968%7C3%3D0.77%7C4%3D3.64&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=0%7C1%3D0.68%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.26%7C60%3D0.68%7C12%3D0.75%7C10%3D3.62%7C66%3D0.42%7C62%3D0.46%7Cps%3D0.968%7C3%3D0.86%7C4%3D3.44&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=340189069&kbc2[]=1%3D0.86%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.26%7C60%3D0.86%7C12%3D0.24%7C10%3D3.62%7C66%3D0.66%7C62%3D0.74%7Cps%3D0.503%7C3%3D0.81%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&cid=8CUABW64L&vi=1664623790184782149&tdAdd[]=ib%3D0&vsid=3076253916830339&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=806&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785159&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1664623790167019783&sttm=1664623791360&upk=1664623791.1506&hvsid=00001664623791360029185683031708&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3076253916830339&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvfW~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu99u9X~8xLjMGvhWFuF.AX~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.uu~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vu9u%2Cu9f~J7vuf~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu99u9F~e8QMGvuAu.uA~xLjMGv9.9u~xLjM7e8vuA9h~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~csRvu9C~GYv9.i~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8OvuqJtebw_Ew8JIVDbYU~G7OvfHWi9HHXHXihHFh9i9FuWuufAhXhuhWhfiWfHH9WihWWX99WXFuuHiiufA9HFXiWAFH9W9WfffAhiXFhhhFuXH9~OfEMjvh9~AENkvu.Hh~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.hW~myOfEMGv9.Fu~exLjMGv9.9h~QQvIK~x8Bvou~NJv9~LEQMGvuf.hi~exLjMjvX9~%3DVvfhHX~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuA.WX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.W~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uH~OYYvw1LYmz5~Qx8Ov%3DK4b4rq6u%20ikBlUdC63LqU5eL2c~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvxz8Qmzuu~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.AHHAAi4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vhX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=325&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001664623791360029185683031708&subBdr=186&bdrid=313&rc=0&rand=1664623792039&acid=7051a0456e3b4be9ade00f1d49cf7e2b&matm=1664623792039&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=1747&vgd_rtime=1714&vgd_etm=7&vgd_l1hcsd=Shhg9%7C6515&vgd_l1ch=1&vgd_lhl=3056&vgd_pgid=p0393336782t202210011129&vgd_adprefflag=11&vgd_csip=rtb-common-istio-9f7d664b7-g8ns9.SG&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sat, 01 Oct 2022 11:29:52 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=10477
content-length
15
log
hblg.media.net/ Frame 0E5D 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YzgkrQAKsfwCD09DNgYfAA&s_city=taipei&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.344339E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=b180e62b&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=13.0&adj0=0.0&tmax=300&s_ip=172.217.42.12&adj2=0.0&adj1=0.0&feedback_id=YzgkrQAKsfwCD09DNgYfAA&adtypes=0&mx_aabpc=0&reqid=YzgkrQAKsfwCD09DNgYfAA&sc=AU-NSW&sd=1&mowxReqId=8275cafd38a14c8c8137c10726d6ebc8_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1664623789758&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-357234536-40-3&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=8275cafd38a14c8c8137c10726d6ebc8&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.014&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESENACMCdjL807bnhgHzc87uk&chnl=HARMONY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664624390013&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.014&pvdTmax=254&ltime=20.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=39679432053656_416911690_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=26&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-764866d65d-gfzjc&currsrc_date=2022-09-30+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-01+11%3A29%3A49&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_Pl3GGCK7uP4O_frVP_5i-kP_VYjzqie0MZ8fY-gLcLAmlF5M434sYyK9AQggjFxsBDg&dmm_ogerpm=false&csip=rtb-common-istio-9f7d664b7-9g2gj.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D30~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022093021~iurl_b%3D78616.35~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.11~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D101%2C102~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100107~vis_b%3D130.31~url_b%3D0.01~url_tvi%3D1307~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DZW~bm%3D0.99~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DgYpB61XwW6UnHgaLA2~btd%3D248904454597467090651812309051811162458017523719768629008489594256123559451020653559812~d2p_l%3D70~3pcf%3D2.02~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.66~ogd2p_b%3D0.61~vurl_b%3D0.07~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D16.52~vurl_l%3D50~CI%3D2745~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D13.94~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.89~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESENACMCdjL807bnhgHzc87uk%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.344339E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1409&sf=0&cpr=0.19778760067757029&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664623789129&bpp=12&bdt=254&idt=302&shv=r20220928&mjsv=m202209280101&ptt=5&saldr=sa&correlator=2846240447644&frm=8&ife=1&pv=2&ga_vid=1086681421.1664623789&ga_sid=1664623789&ga_hid=1738764289&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070061%2C31069720&oid=2&pvsid=3982342905089135&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ecsy7qwaozha&fsb=1&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 01 Oct 2022 11:29:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 71E3 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
6e84f3de4b97a001be90738b65e057db0d5d00b55c3969a28146e69441c0d4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11152
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0282 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c1ea13ce403943e70795dffe2984dc0afb1ba5abad8bee8b220f7613204fbca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10996
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1A46 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3777 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpTdzf3Emi6FV3a-92r4KbqNMOuGpaX-Vy3sd9e7FfHImJo4Qg5TYr0yqKAVnrVw5WSotGjqr5LSUiVYcDQ8gP-oESforeMOj7RXgIBsGJ5t8MQK6UoU2M6XKveRzwQJFlStcLiezrdXY2-HQYL3lN37vot7krdFglthQ0GLz7sR_s3SY&cry=1&dbm_d=AKAmf-BfdSjNV9VI2XWl9ZkUZYJNs73qdGXOD_hA8rKZCPs3pJ2XkIZ16ABIFJ-f18aKn4BTw1gvxMuWzEfFyXrFegcZfatF43LYog4N51jbWJ3rGDPpoMBmhq04Tr_ofTX7JrJraPQ8_AWoWjmS-onDTf0DCdPmljBKUZOp9KmoGxf9Nld9nTNV46LV907wpS0WLRSzttUzePJlCpz6UwqwzIZwPuOkB4GclWcRoLlDj7KeBtdh7hJrH1aa-M6xR_qdiG3_0xuz7gCtXrmGdythjdytYlsF-ZKZkS7EJbvshZgnNDpE5zVuqTRuepSC634dIqj-mJHywzS0SrZGmwzvQUOMzs7-xAycZL0jef1jJ22qxcDMrY7sKLNCcYYRY4bASxEMgxGEdRLXav9oI7OxrKUjsMB9-I93Xc08ZwqapCtoxGupCNFFlHr7_eNDClXfYbO5QxO31aQRQvbZFKPh1cO8r0CoZLwJj-YP_wPKuDgzPJ3j05-1R0S3bqzHA1ndiVj9z_AEi25FVzeiKZQBOB7PBu7EG_BxbD9fDRetWjZiF60_qFUkOtSCMpTpsvld8ByS03PhXtJFiSqKdCUfkaIh26d6fdAVNDfOBrzEt1_-T6l95tCO0cXqneP21r6zwwb1iKVth05-L46LVYFZ5wyrMb5GdcEkO8ClWc-wiwqDhW4QtLgZwCQd4EshdTvkGOX_nwfVSQBuhYnPXxQijL3XOXct0Xge3IhQIWW8p7Yl9y3aI97lQnLlZXBcM20bH4ppvflSGAlAZerlY0iAVURu9fs6S48k2PqSJ7oVjfDJYa_jswW2U1ZjSzGwrUSaRRU9ocFaJMypLOQLxxDM7fhw_SA3VlvPrvR79gzWhHRHlHNKy9AjTU3YOYRw7GQNPsLNhvlk0hXjWnKkLF6-XUoBknmYhZVUcw3pbPjZ2h0Bwha7PJeCdcKdUkBZlh5JViJr_-WShB4HtYVfTwdISCLVNeniR_dFajPVlOv9ZwprQ_xR-5egkhTOJAjSKK_8ENTEBLJwhDFwLwlfEYBC3EgiZN3G-qJDjGusw2unTvCN4HRIlTx9VbJU2VBcYuxUnR2vEXWifXgwywfamoKk0NHKxR5we7EIumD9XbS5GlNXt1z4AiY2udobaBrxKnfRo6yAGa3S_L9cIQcLA7wGd8ZNxYj5lUYSiq8_EiZ3_1W-YGyYjwGPIE_e_DNeiU6SkoGKAOIiBkjxZjka1kQqvupPwpuHEqfli0t7fZvg7OHKNBQ3nNtISi6QJYRa-cU_uOV7tudMPXRvGOnmvf2CysJmXD-Vxk8qiuOYSonR_KtcBSAf_Lxi4UR05XhYDBtnqVxUalnLXaR-WxVVkJTD9LyhzHcUdhHLh_iX63WeaTq1O87mE3czEO6mpH6ooPde95NrobvjnVGw4sGmzTcR4GT_A2ir6NnRYnPlqpcS0nenJjwGJgtstxbn3I3hCwJVC5kBA9RBW_5WzHDrHVe9e0Xbs6gd6JTnAS4ecc289YfCwgYj1x6zJ0jeEz21Gx2OpyPUYt9tVEnza_SHTonJwUGytn4YLQov8XhAIKkoNSENZSvmLA6Oc5a7L3R1Sr_hEZlCHGEFxPhTJxlOYHhXZJtOGXxQlLBwcsndRoxGwMDywV5tZJdvb3Qf6x2BBx-Br-edZb8_kyO7D9vfaGC-JL_ZQNU2IalfbGjKjLU9Yxk07i4qBtDdK6EWHSm4oVpkHVpkJ5JeTjMberHxR22gwSnj1cDG7-teV_qbEcarS-btrd8YM2RzCXXGn2BU4bvY09M28Wrixu65HhGvTIEIG0BnFv9NjKI-Wbf0rLuhyjxmTb8cw9r8l_O5D3H_J9zw1ezfL0hU0kleCurJY9wixEtWMjtXKJXskiTdLBMkxaIchINW6oO1xVEc7xI8zRY0Q_0fNO1JONHQZcwNx57Bfb2Tzna6snFmPnHF32L5lFvJYGafk4F5nXpl7fCNjrITEX7XAZv16p8nfOmK5EeekvjBxGAphOaO3IXrLb7gXjwWbzoLTUeWUW_HepsZfKgcfJye2-xRplFgNl-wGe4xEyGUXgNZkXFsBDVEgT2DyNDBhGhWyxPzf31wTqHRAFKm-omQf9gWPKarkv8PYedE-4ble0L6v8F99nK_BYb7S0moXmPw96khbWWVBS67iiN379Ir5h2YXNRk3s7VBGVoQYCVRB72UTmCSY1jziR7hh_gYR2jDC2Wb1rXkfnf5jAWS5nm4cT1asO2LYjQfU8kUpZjipYV__F8tkAy9a6OxU46thhPyTw27c78NIDej--wnOnVol_Mhp087-fz3Pl2lmArCXoYjxamOYOgG5vvnT5syCYcY6vu581lcM8919ZJOrEr3PLZMAhVP7yfl6ZSFkwCYRB-EoDemPwHWpO1wQJdejt4BsrrT0Y6HTrYThAm8eh-9Zw7vJ84aWoXmzTrUqY5P8uKeTVUXcISFwW-gkV8pYdmd7KR449imYuFsIgab8nVxUQ8-ut1vVC1Ol3VChLLjbJMbo8ABm4pMEX6woO_D2zb9gNApYpez85FKK-vn2N4bn1nLtXpV_zRH7gRKJbge3XjaHwnyjpVp52lgjit5Vlv2i2_khXw-VHA9LUEWN4s-omx6l2rAI1axB5NPIx9RuA_nDy7kPbM8YVgOpUIwEc_A2PTffFPPUWhDiXeVr42-v0Qe7cuctEb2SQq4XaZyzAixsy38wCUxD4kdHwYQj58dmgjHLj8vsWBjl5_UeqpKpYq-eAPcNTOF2h5s-wS9_9OYFdcS2ibIVR9wP5iO-gFF9jRSL7jXKiEpWfThaWni66qWQA8pmDCh84sMZgUZ8mugaquTzXui9pGAhT6U859ptuPP8EUKXFu-73iPjYflkygs1ut8NbAbN8Z_JqslUHfEwAbSXpPJingXBvyS-BcSDt8hpth5mSXzY-XS3Gv2pi3JZCRYFBzkP1idCzo7rc3gJwEoRbP6aO7Kmj-xpk1Xy7npI5PVdV3E64mxdV8qlbUJalsUiRdQh1Xmh09AusBWHHriVyRVYb9FSXIMSEHWMR1UYKl1VqabHOXxgIM1XucrMOwyAXuHJqfjUVSFhTKGj1gIm5eHURc6fsy7Rs4hBlZOM3UAKSUrvc5kSqqPMmRzfC2FIER-SVrXzmTvhawUzqquxMUP0EQoiqipBk2aCNrytq7oatin3Qf07TdG5Sezv6EpgcxC6hzCXmWYvBK0NxcMZ3ts3r6CWGB-gIMcnqKc9UzoK5muesapunc2GstsTeFTd-75bsl9ULVDuqac6S04qDTB1W8NTf4JEdC9avutKcOF1NB4Q77ZNudHnqZDcK1JQdAIlDvLUJGfm0bpKKGxxEFxdyxa3ruOM0T5_HuEm_v7M4bCN8cauhKyIh1mTLC_9o_gQJMqg1lUXN60EyGUtIK7FZlEV5IBK1_1Dr0fHPIe4xqwoqWvvRaryTaieCtm0QadJBYR5bROW_5lg4IaqJNA29onKc8pujRrDMDwqaQqCcCedZ_TG6dIqmnZXols6mq7x7W1cqTfz0njEzNs7WCP6H5e6vwjjSGmRAh4d7dHOTdhrX9DiLEdyCgJKVfNKINZbQLeWFjbYLzVw&cid=CAASJORoezEmzU__Q_BapaF2bckNt-i_wx5DzL2f1eGIkuS-gBfLjg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e63b8a63c18e0e776cd511d1dd4b305d87699e5f0988e4eb7e71217d4d8d7e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17100
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3777 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjsTXNtHHpa237QNt6P9Si3Mr-pEFsUdGz1i-ALq72LHWOTK49D0-9XE4cS9dsVOn6Bg0uG6LCMfTS__bCfMSP3AUutO88YFOlVbtGDfP1dCKMOXI
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 3777 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115740&plc=4168947&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iQsoC-EN9yFFC3J7OSBHSY&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209104999&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:19:47 GMT
Server
Microsoft-IIS/10.0
ETag
"f128ce2aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame 3777 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iQsoC-EN9yFFC3J7OSBHSY&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209104999&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3777 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3777 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3777 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAC2 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EBCF 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A64saxJSdc5i0t-03ehQf06FEiBs87UNmZxNrGD9WbJpslTeB2JjAaurybl4_Pi7FTi2PTKoA2FwvpWN1SWeCiZkvzfFDnD80cr2S252EU_Z9oAFntJSt5FbSlWeEWufRypEL2DHRvjxdZvenK3LpdPwhbRYXf9bFCe0JC5mcoT-_wxx4&cry=1&dbm_d=AKAmf-CFpcNgjFf-XBPiH1dp8Two5sfuMHVL9beOh7phehanb0nqvcMjdFQAPqofoi_v2RpbvirkWEpcavGJ17V3DoNlY7lnTsjCVusqcy8IIz5kqSGDFRWSWCNDyz_efemdQL6ljcj9nvknIxyinlzyZs_csUDSzv2t5VEXL1a9s3f9db3Y38ydNqxHm_Q1mSUksZFXQOFRwv1jA6AA6PGQoSd6Am78HFx-doXkcsreaSWJ-UJqX5zNBJ_bDj41zVDIsrCMHtKsJQYY4ql0YbgQfN1gzj-MNjynmdcD2Qz7hOieVwMZQ5u42wSwjbQWwIi63xgYDfxe-rLSJCnvrZNX1HZsq0pytfqUiLugoX5qeLUFrhrCLO9NBgCee58l4VI_05TOXnggpkGvMy0r9KpcZFqfOSCbuyS0oYDn0W2RgF5jjDl71xFoUuBuo5L8-hj9b46jbWDbiZkudscsoc45ezpEJFxlmf7EoWw2BXkK8Yau1XNS89Y8OTAXU3ytiaQCh4jvL6mIJ5LRvPgXp0uS08aeqn5EdJwBT37kEKtKndOkzN_-ej4mHH9X9TztWcSXGMDs70oEPDGJPwcn-rEIWamt9j6myq-69Zze38ADfbApZOg7xJ5oJHb95Q9oA_8L-13linsUIxle-npCplCKDiZqYuFypXOjosgElYY6av4iHaut0oS7mYvN7KPbZoesGIfdSuebDwTZhuHKPSAUWBfEYqio1bT-Iyjaa6RK-QcGtgpqSHukuoArv6M6ulh8eQXznoU2tfPbyKXwKgN-u37Nl8cKHjpNB3s9utXfLF9gU021syc7_UVL20aDeDGiDYsJus814FKJQNhbnfQLeDJSQsh7mEU3SUbGfMiG4a-Y2b498ZpOoRyIT-AXKxMKv7pElAXEAM1ljOlXdanZ0X_cvnO0gwFGCJ7Gky5LAhiDiDa7iiAVzh01ofj3pohelZ0V9n-QAT2loarZOb8BUQHwRI_sI7zzJ7pfXj8AGRivx2VkHBA7azk-p8j5Ry2g8SOi-NBrw8LO6AmegYbXoAwC3d1HGz3n84Cbh-o2XmWAEgtn1Gp8X8hPMhoD4vGZyzyHCWwqJRcYdVSQfDcf7koRDmV36QTi9OmVbH3gFE0akveRpZSeDG-m7KfHlHfJoCAQ2dMelK5homn-OhRwPrg40XCqd-8DAhOsDAS9NpeuLevhGTiIYKvQ8G7NzR60ylYClv6xwpkfVZ8hhfGWt7DSY8AdASVtWhy5caXoK71-dlOA5zVUtwFU7rfxC9RRJt4xF70hsu4rZrwnEPTnKj7iZf9gIElK21VwVC6EOIRqG9alUML04CtuD_EaK7n8n3KuOCSoEoMFVNlYMILJ_jzv-LJdZv1emxI2j5sWDCW6R40Dymj_hXg-cAJgL4bZSXDjBMyBPC-8e4CVwrmrSnA4FmmXq2iMzdCeFYdWreub526DSYmbLg-iBAXw7_P2-Vk0aVY9QOHR0azgLo4lFHyDWFyKFRlh4aY1HkNo344eGEwwoPaJV4fcI_Qi04QcYBwTLuKX9eTPLdBxwBESs3S6I9JcT9ceeROk_GkbFtgxfHEcNuVs5Jd3O44PX5JWoGCOOHaDgoh4AfGDY9xRoMbB_8mCMo66hqqd6NPlLD2h7M2FZbR_3zzSO7IItWEEZ5km0tpU-noQCTD3fYGrk5NqFviBHLxOGMP32UNqSWpIa3QUbC0ZP5PE_yRIeZcZbvWsJUDgRxvb4Qxx6KRd8s4jVCx3Lyf34-aR1KVz8D6GlBG__3uy1Ho9lpig2tj1T2EUtgtOCxGVxI146oQDaEzbE5AgJ_1NeV3deYA8uOg_J3icBOsb6iJwjJfdxpEDqZhTfyv_utzREEUyI7RVJqjomLf2OfkLrycQUpC7d__sX5S-WPLjE8NrlVJN8eYFd_P6RbuK1P_7TyvdViFw4kwEcso7i-J3BYP9nmnAM6NhuJoYsgoPJSDtqAN4lcrlaWYodoBKTyCC3zdFDbM_N2TFZ6DZqY7BV3FD8jCZhkkdWXTq1EfcD30YeyxFmXxu65Ycy-YA0lgJ2c4g0W_JJzZURKkZmDk4MERqLIJh3hwsXVsBx8Psg0NqmHVDpcYTBofhXydVokz6OnhVkrBNjj2loKne9A0ZMkavn7dSgGsoUsTTJBXVad--TB1bItKmEMceyvdMxndwCzqL7-A6xW3JWsgY-BIK8P0j3XDKN_zzlNmTeOlZd9o7zMmCDinMoZGgG0ivu862qfXbWtKeSSTopXeF1PYl2Q-LsSSU81TYba1ED6t2knD-p_jjhG_xANEPEmEXNUkra72z658EM-zHjukJZqPI7Be1yOEiN6AaJRuuqucAhit7RxyR2CWlc5kwFgE-RVOgMorTMGS4X5fe5TT8MRBfWRen5vTS5UFencgzOy1ryqTTG_Z9_xik6r5a0iJHFccbmAk6VOKKkcutzcfzjgog_t9-UAgU8ZAvqB4M0wBKje6_exH0hwbOWHQqRE94LfAXeRtEcPDjiriCS-6e7a8CeWFHfIQt3MEXEKs-E-siui-Y0OlFpo1E6Kes5td29NYGLjIcgPhN8hBaT1Y8DzgUnQj15bOTHcSDTLAzXdeHvdcpLphP_xx8YNHtH-YYq646B7owBH-sACVGImdxHLt4OKhbxvJSaSp4h0QySAIhnTvbuYSpFWVEDQvL1SLNCo3shLXQfmcvFX2AqQp4wV2toAlsgA6_71kgdtQ0B7C89-7RuRcMOXS_K-baxnIM-w2lP541zPE_bGR2a9kKS3uKhsG2ywMtrKOPvKyg2_leMzyTdGL8htEYLWzgY-HUlJ5CY8BeG96XXkVJYvD4LA0tHbbqYHOal9UaFXzPYGT9YfuyLaLRaPdXDJ4HtCZcPyTLxCn1NBSYwFNI1tmyJqjeLMspXB_izLMUJuwesqoQE3pojJ_iG3UfnC_4R8wRH4lmk3M4ZXtBoQn_AjiLmexdqf6vj2pMivf9e8GhZkRNm6AGtnQfNlnY7yZaN5btdYIhTPGsTpy-NiW3xlpRT80bXp7zSj3phihFFhxvrSbYLg2VRMFlNDpCtKHNGd3LqYGmm8P8j5cAcSVndecM4wmR7Oo2pVQLjTZhM0tUTeIX8uiXP_4gLkYrDfQ1YGJmlz0QI-i8mwvDlQVYj9ew73sFIX62wgfKqHP49Wb5kCEkRJPvvzdNHSdFuCszXFCt81Lkbllhr0uI7nCwWIQNLtqTRrdJ0HHB3NFJ0vwByb2F-8ChM5U6ewyBu5hXfXcnZk3YYCJz-5WollnAtLs2C4juAHF7CIZV46q8z0BItyFbfCK7GBHDDPeOTgU4E4ZdqXsRCZn8KmlExe4Yza5Izb5qKHgfbGaOk8o13Fygd6p-2E9PkAe4DfvFL5nRGGvTAvYZuit8gfvK1XrI1ZSehdI-dK5WFW14IaFK0QQjX5ikb740QI-iHFSZnyHj_Am6xebvgJLytQpuFXFhSSzsuaqhJDE-bhOU8atEtPNuCMZw04JiSEk6xlQa3BI6zSkjE_q4BrtBl54bEUAJZJA_KhSH3ooDB7VYPtoXMmzZ40EySy1sYbZCSgQuUUx130JprZmBgjFt9HSHhKYMjqZgLQ&cid=CAASJORo2vvEARFxzh2IpKlX7yBb9y-jG-PPSL873EcPWRfsNxt6Qw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
00386a33911d4af07ed9e5dda85bf17491c5b223328eea64f5f10dfd4f2f2cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17149
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBCF 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6DFIsQSLd7ysJWf7IpaOmIQulEOCPIKqRjQl8lbgmkzRxJ7h-eXk4l1htp6GhFwOuYSi88ImKTf8BXyZAO_Ti-4VWBnM8FAgr42qdkOGsvol2Xpw
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame EBCF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115740&plc=4168949&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hWE6741yOO4XGrzR2RSibP&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209102335&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:19:47 GMT
Server
Microsoft-IIS/10.0
ETag
"f128ce2aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame EBCF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0hWE6741yOO4XGrzR2RSibP&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209102335&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame EBCF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame EBCF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
l
www.google.com/ads/measurement/ Frame EBCF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2E-b3yspuXXVAXeP55bOF3oDjqdASuOoE0iHANaTCJ1-lGdP5Gjw3etGEf5duhZXZVOtWozf5KlicDIJafwA-Fs2TAQ
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBCF 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6C2D 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 87CF 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYvT2TQYzFUjMjU7SLmWjbugEJX8BCkMRGUkJmwHfsqrLRLZCWI3qPG0nPd8xVKeFR54iCVaIPuOMLplCSV4rxwvL8xMajG7Nd5C6hhyPCpuwElsCHClMH-AZEvNAY2Z66Z9HGVJqlYbBCK7XxkAik0pBd_ekrbwwvn2gdZDGBxN4tVtw&dbm_d=AKAmf-DRh9-x-nM1Vw6at3cjdVUAAMJXwivKRsiiZVFlYud_mtSWHdgtU6VA3WL8Hcr7RfZrLSiylZ53UJEDzbuuI3paNb9lYdp9BS4aRJ888d-g-v3JSXrF-MKjiSKPH_MT2uZCAxOsPb0oVEIWoE495O7sn7ctEobYsO8afTE1gmCfSe2Af_HSNexUsPYvT4O1xIA0wpg7uUhQwBbiroXqAQ4VN6U7FyTdJCF98FOGI6jCubkDsMOYKQj9PEAsFnFeFti9DfnP5wUv9nzoOMKSoWhxrza0Jplbge7AjI_iJFK2VI2GenvDuWlCo844zuKFuC0KlkCXCn_ZBI01J8lSCHyk7DazIMbCY_O_9ZbuvrFQbogQlMNsK6RLH-k-JAhvKYjjeayeoZhtKs4sDcyY4THSfwPfxjLGQ4sVb_rPuJXcOvoUZqI11X7oo2UVuhyijXWc44T1z98wUOaONf-M9zvyWHZqLNl-OhxbCfDoy8k1QAt4McBrxXWTUb-ix2VVPcd5F2CtKOYHVnwcHv-cfk2lcrq9iE0P071MeKXv0FFEd_rFxxeSb818GwsmtaOQW3tvOq-P0Pi2nsp9HZRDOJAQtLgCy1XvI3pvNHlOEKLduxEw5ev_MT-KMgEvI0tlhJzHGL5V9_YYqicFt6yKnu4VRxqnl_mTTb_A1zhemE22Jt18XA3Y998Z1l24kdYIkmYXeR9XWeo5W6J40k4jK2wuNFVmdsAyXYq91z1FfE95RmJSJkKaOD3y5nazhf-j9PB4RL3VlGgW_-i1r6ntf54aZ4hehHn6PueqNFyV7IasdEqI3IGkM0XqK869JcbUtlMlsoCyznGvXQF-h4Esbed4BCKO6krq7H2dBG7nt-3CI5hSxHneM_qn-wpzlIuipLQoLB3_sZQsHMDYcy3GWxEuWWR8VsHRfTqIGCq9Oo5pQfqZYdx8oSuORFuaPk4T1Fjz-4qe5YZCAQZkBOUSt1arjrSmt5aO670v7ROBD-c2AubS91CUF_zT95SvDeVcwH1IScPLhQ4vMTADfm5Uy_O409EceIriKsKNMae2gcFMvx56716qbTIpd3C0kVmsvVxB0sYPFBO9ujh4ZM9g7ZOsjRND3hswiLxFPNfX65cBGuTR20R1YL2p2BJgczGEGzB6X5ENmZiwwZA9a3g1Hs9axBwQo0kWBIzwfb03WSqxrvI3TPigrxxmiGN_m-cnVwuIALsqVYLSYZsGSm6wjAmn0muwBoHPnvuE6SV598-R7GCFRmTtifR4GmlTD0DVGAP_yuyGXBt_4V1_xbbLsVo_dOJkKK-hpKBNmMjPGKKJPyuTW4h6s8zOJNTKJVetTPOgnTIBmUuEZbPsvzEtLuh1JvjZVjRG4BMrqYC4iOUIUNXGT8dG-jLa6LkLgMobVZz1y1L2XuZNaaORyamaUyrdGNLsefv8afLaE2j8x2c5I3RSxybl0rAhNiugNhRvv5J96sFfcnFbjwZPMMfie_DsJh5S55ORA0pFEDk1XchPT1CvuSDuLrSqmincfjyp4LoR-bPFaeeCzz_QB277quin_noEYbDlPyBGZJF2428NhkA1uOiOis3ngvnBz_zFVb64g6FlkvGmMkgqhMy5x1Lp4ZBB7kjClD6jQbxSYJShpR6xrQMocawEsMevWDn3Ghxha3ZzcbmppA_Q-lgGHMMzeVuaI4watQwCzsPSmpb3UCfQe0rEMrEYem6gNkI3o--Nrdi90cq7NocDe0xasJlJxpgdKujVazciTYdjQcV9sPP17RRHBx681YDn949dQAKxxjNeKQaSWx8dlK7Mewn4RtbpY_K_GVLqXd9c-KPltoaj1UHtmN0Jkpz7KqPLVDlWQYHY5ksOdTjUWtASimhMem27R2nZaDwpBHHp0S6M--hlQdfM1AtVTQMY3kfochlxKJXhgVUsTkjGBRuq9ZZh0vc2sY1krg9goCkIRY9ct78n4v-vsMQjJdJsP7RMyZPFZ6Et3nHdpmChbwRslk7ogqvaWYQ2oBo145nOumSYOcvsdf7NOtoLPVSMj_jaUUWYLxno730XOyV4CuFL7eNdRCr-H3xSG32JaYknphjv5LEPkZONJIKyjRIbbe8xXG9prk47_YQ10ZRUPTZkeFlGTUpr0JQfZsUMO2vD-2GYAYPDNLLo1A9JXTL4Btv7XD3osvuMBkHFXOnL2P8FxQc65F23eeQF5ga0Opc-Iw2Wqi9r1lbLwJwEJKXGEcYnWQ8cS2xlb5hAOyGP2Kd9Jutv4SZMqx2c-yk8tDvVHPEyqYvNohk3CRXzyVTRXwRBSxYXRLYZEKcyTNVYjhflcLy55DsAXHVrmqj9W1TZ4CKrquJQGGnyDidKWi7uY-bXE_3u7A3M3ijY17hfo0oW92HxDQP4NEC4ZilWJREPM760P_igiKmTYOjuUwu8Ja-9jg9NHHzu0RvTaLRLOcT5oo-aodkhw3G2OWPbOpgcsyaKvGJsoH9gx5ewVMirlgkLbZNp-tX2IaJ-cw6KOdM9MQCUbS7QXUj8kS7Qwz6EqTblB2L9-gOFQM6v4AKF6dFtikEJom5BXyzjZXYxeii9vyDFzncscQFv8bH97a0USCQPo-ShV4Z-1nhmyoVXDMpe8SrsQv7QIHDJ2aD-NJMjwz8tRXyo--20jfG603O9sLaex_7qwqjbnSBu-WT3JU2QHLACeAz8KuD5bBXDN5wb2ITkjYMHqqUW0XSOjh3xf8xGfJP2QhGDNlwPDGwhlnZdAQIqHOM7VwnCgVO5kshWuDGuG3-HrRlY-c-DR9KNLCzPw2fs9EX5zPVIgzQCTjqpBEl__EILzIxQ6qSV2FxbtA1Swkas0r6qwRfUGpAqZrBIO3MLEYqj5xKoK3GOmycEys8tXFvIjuK9sJzIGXV7kWmHzHvVBsQddCQrc3GWpJ-xc_hga_p1E2FVKgBSNoPcnguwIp0MUHf6wFlMkC5sDHbPn8Q_usfTvSV5rS_YEF2_ug3wj6YxyNs5IJz4ydXXbvbM-uxvzh1lQnOiWhMB_pcxJkeBPIbb-20QjMyXeCWo8wyydbxPnrVOdfIErvGUR4lTiLEPmJcNcjax-qxFH9tI8iIycS2ZF4i3O1XXmp0aUVNmV5PIuwcRLjd37Yf8w2YkCk1xgzQZR6c38xpJptsktrkhvbDKOuI3ZTIdGIHh9exYzhnXl4aVcne2QAcCFXNGwJsALWahe4ULXeEL-zBFKBasJr1Nj5fEQzcGSI2O9-KEAtDNTLsaKkMglsS_84-D6Trn6HY1S8R4KMgpTeAnCkMrfCLBBMGdCzUdtA0zHAep422Qu47ktwVnYehoYdM2mwl9P31ZxEX-L9Mz9lSlpSG1c6bQhLIkkNNX7lLkrpgmLL5zgsI0J19GMO-4m9yRpAwj&cid=CAASJORoCCybkWVWDY_jmweXhTgjYuonvaCJLchaE_SNBFmTPtlZJw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
cb320cee1570ac7bbadd0ae6117f046aeb5ceae569a71716b8c50131455c701d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34646
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87CF 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-G4Qw-0xrardf4TthPhz07xCFE9qOLDBuzF3MCHethLDD0dFEcGLR7QR8xzBDZcTk_svCqXO8CojZZFUZj_DkvKdvuznDcwyggydB9nozcPtN95Y
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 87CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 87CF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 87CF 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 478C 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
28cb66b28620e11248fe5f9136a9a7d27bc42996d07b46af72c29284aa9e6e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11331
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 80EF 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e6bf39944e3e29b92c35505da881c01d92f105ad961aa372b00ba8bfbb9d9df7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11113
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 71E3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFsfIgaA7AFwHgYtv%2FzGvTHho7V9kZ9XB3YG%2FwfUVkIHBLts6ywxx0pajFm1PPDmEawvChIAUboklJJQlrcydd%2FoUwa2SyDjNb3zXjOVdyRDZkSpFgxSoUjTK9ux1vQlyDhXVWaT6jm3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf2d818aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf3GBmwKzFILKEFoBcStN0GHSZJp4UB6%2FHhzRo3cpugmmcyk7l7oJ5aF4RvVs70PM9tfJO17%2BiZs32aBrt8DCyzzbEkyTbcSX%2FRIujWiz4E9q%2BnD%2F5x%2BOr32HazjamlKBJSn3WSbV4m60A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
cache-control
no-cache
cf-ray
7534dcf0ccc4ab02-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 1A46
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksIzwkGH2s7rQXrj5agAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0Lf3slZN3yV%2BkEC99NOk1gQGPW7nnfluTjWB%2BNIsbiAfpQzCR85zHH4JOhYCBhaBxCWaM31LTmWP8aCZLCQSVkKfWW%2BWiqzSeN88FTTthWNoW16xpRdSDg4Z9npdhy4LVjbsaYNS%2F0v3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf62c0baad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1A46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:52 GMT
AN-X-Request-Uuid
0fc5ef3c-f00b-4212-ac8c-276959b98958
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjn4NpjMAE&v=APEucNXKAPqBNWkUZDRChUhtV8oAx4reGcHfsOr0CTXak-EAAArHcso7DWh7II31ddZDVKsDkkxwV7j58lexjNlEA8weUH8lRQ
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:52 GMT
AN-X-Request-Uuid
195a7b67-56f3-42ca-8ea5-da9184132141
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0282 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_fy2021.js?bust=31070009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
rum
dsum-sec.casalemedia.com/ Frame DAC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jrs80onObUzfyhtRP9J17tQ5gLknQKFVAtI4D6zXELgMssHueTSdYtQc1nE2%2F6Mz1jDGlIVVeaa9M%2BsHTXA1hHsrq3fL2TewL52YD2UEdlKGb8f%2BkGnW3O4K931CCqNCxDUvPrRpWDA9cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf2d816aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTXyw1hpuYbmxoDDBEiEsDsG8rBpxTRTpyHBQb1sD0dfJnsWuZ9NqKdjmBN0QjXTh6zAwG%2BlDp2fWBKAlN2Py4rJlisz8RKt7BZqok6IJDstCqWO3nIbd5BmJASPfkoEALf%2BK6xjOkq33g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
cache-control
no-cache
cf-ray
7534dcf0ccc2ab02-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame DAC2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksJf-f6GROLXxlAQIfQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l4arb6duu4OlykMfjL4E%2Bh2u9nSFgHNM1EDrISd33G12ffa2Xj8IH0%2FDY%2BU5Hp%2BhTeH4Thm1I%2BW6Jpy%2BLYMdDjNsmOlGRFidYmmKQy3ZbVF3WxLR%2FHtops9XKTMPn3Z0petzoVwSyb3Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf62c08aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DAC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:53 GMT
AN-X-Request-Uuid
daa10279-406e-4442-b4bf-16a8450289c8
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_y9pjMAE&v=APEucNV_bZQLADRy9PCzx2GNNTWkABw6QV7p-kXaIsGYuQ1BBq_-2mDpeWGuHEzhk1_EngXjpCRlQ-uc91G8hJVCVmx2jdXKXQ
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:52 GMT
AN-X-Request-Uuid
7a757b56-ea4a-4f6d-b312-64c03222f7a7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6C2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Goh8yMq9tLwCsC620%2FOGg7rMgRdMfOty3Ra4owjGKN2fODEZUtNraxlubn6VBGjDNCl5075R%2BE%2Fli41U1arI2t9Ql%2BzHmsscNhADcWnTt76EFub8irfpabVnGrIF%2BjRTKuFiQXfOlW3CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf2d81eaad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFqBQp2gpuYppoEP2dEMxybxoPWwfEegoMOVdTkCsLLd0LLuPoW23kGhzsspt6oLp14WjrDd6N5w59St%2Bcgm89Cs5iG2LXqhq0vIVXOTOaAbxMbwNAd1bsfxl0h5pHlpD7aFxD9%2FkLOR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1&C=1
cache-control
no-cache
cf-ray
7534dcf0ccc1ab02-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 6C2D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzgksDGKQvl0d4Ldvmh0JwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWwTNpkE6zU6J4Y4%2BCdhYfsyw9vmO0gL32MtzS%2FEO144xu%2FEaxXPhG3WLE458cB25Bc7fGva0%2F80%2BETvNWfd%2BJD9M2WoYey3CJLA3U%2Bp%2BFf60Er8AnAeHNQMAOW7j%2B4IN6JXRDf7jZ6kKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dcf62c09aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHMPl3ESPOvvC9AA1czHJHU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6C2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:53 GMT
AN-X-Request-Uuid
9b893b44-1a48-45bd-875f-5fd0cc219a95
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyAyf5Tkgqn-rDQ4tYEVkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C2D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNV8E4JBj8v3hUhccqjmZA4YUP8VQwSa3uKyEXDfk7AA2LZ6ASUnrOKqpvxqJ3RhxSE1hrScLYS83z55VUmSct0lZ01_Ng
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:52 GMT
AN-X-Request-Uuid
4fda8661-062f-40c3-bdc7-bbaca164a658
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjY0ODM2Njc3OTY2ODQyNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 3777 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpTdzf3Emi6FV3a-92r4KbqNMOuGpaX-Vy3sd9e7FfHImJo4Qg5TYr0yqKAVnrVw5WSotGjqr5LSUiVYcDQ8gP-oESforeMOj7RXgIBsGJ5t8MQK6UoU2M6XKveRzwQJFlStcLiezrdXY2-HQYL3lN37vot7krdFglthQ0GLz7sR_s3SY&cry=1&dbm_d=AKAmf-BfdSjNV9VI2XWl9ZkUZYJNs73qdGXOD_hA8rKZCPs3pJ2XkIZ16ABIFJ-f18aKn4BTw1gvxMuWzEfFyXrFegcZfatF43LYog4N51jbWJ3rGDPpoMBmhq04Tr_ofTX7JrJraPQ8_AWoWjmS-onDTf0DCdPmljBKUZOp9KmoGxf9Nld9nTNV46LV907wpS0WLRSzttUzePJlCpz6UwqwzIZwPuOkB4GclWcRoLlDj7KeBtdh7hJrH1aa-M6xR_qdiG3_0xuz7gCtXrmGdythjdytYlsF-ZKZkS7EJbvshZgnNDpE5zVuqTRuepSC634dIqj-mJHywzS0SrZGmwzvQUOMzs7-xAycZL0jef1jJ22qxcDMrY7sKLNCcYYRY4bASxEMgxGEdRLXav9oI7OxrKUjsMB9-I93Xc08ZwqapCtoxGupCNFFlHr7_eNDClXfYbO5QxO31aQRQvbZFKPh1cO8r0CoZLwJj-YP_wPKuDgzPJ3j05-1R0S3bqzHA1ndiVj9z_AEi25FVzeiKZQBOB7PBu7EG_BxbD9fDRetWjZiF60_qFUkOtSCMpTpsvld8ByS03PhXtJFiSqKdCUfkaIh26d6fdAVNDfOBrzEt1_-T6l95tCO0cXqneP21r6zwwb1iKVth05-L46LVYFZ5wyrMb5GdcEkO8ClWc-wiwqDhW4QtLgZwCQd4EshdTvkGOX_nwfVSQBuhYnPXxQijL3XOXct0Xge3IhQIWW8p7Yl9y3aI97lQnLlZXBcM20bH4ppvflSGAlAZerlY0iAVURu9fs6S48k2PqSJ7oVjfDJYa_jswW2U1ZjSzGwrUSaRRU9ocFaJMypLOQLxxDM7fhw_SA3VlvPrvR79gzWhHRHlHNKy9AjTU3YOYRw7GQNPsLNhvlk0hXjWnKkLF6-XUoBknmYhZVUcw3pbPjZ2h0Bwha7PJeCdcKdUkBZlh5JViJr_-WShB4HtYVfTwdISCLVNeniR_dFajPVlOv9ZwprQ_xR-5egkhTOJAjSKK_8ENTEBLJwhDFwLwlfEYBC3EgiZN3G-qJDjGusw2unTvCN4HRIlTx9VbJU2VBcYuxUnR2vEXWifXgwywfamoKk0NHKxR5we7EIumD9XbS5GlNXt1z4AiY2udobaBrxKnfRo6yAGa3S_L9cIQcLA7wGd8ZNxYj5lUYSiq8_EiZ3_1W-YGyYjwGPIE_e_DNeiU6SkoGKAOIiBkjxZjka1kQqvupPwpuHEqfli0t7fZvg7OHKNBQ3nNtISi6QJYRa-cU_uOV7tudMPXRvGOnmvf2CysJmXD-Vxk8qiuOYSonR_KtcBSAf_Lxi4UR05XhYDBtnqVxUalnLXaR-WxVVkJTD9LyhzHcUdhHLh_iX63WeaTq1O87mE3czEO6mpH6ooPde95NrobvjnVGw4sGmzTcR4GT_A2ir6NnRYnPlqpcS0nenJjwGJgtstxbn3I3hCwJVC5kBA9RBW_5WzHDrHVe9e0Xbs6gd6JTnAS4ecc289YfCwgYj1x6zJ0jeEz21Gx2OpyPUYt9tVEnza_SHTonJwUGytn4YLQov8XhAIKkoNSENZSvmLA6Oc5a7L3R1Sr_hEZlCHGEFxPhTJxlOYHhXZJtOGXxQlLBwcsndRoxGwMDywV5tZJdvb3Qf6x2BBx-Br-edZb8_kyO7D9vfaGC-JL_ZQNU2IalfbGjKjLU9Yxk07i4qBtDdK6EWHSm4oVpkHVpkJ5JeTjMberHxR22gwSnj1cDG7-teV_qbEcarS-btrd8YM2RzCXXGn2BU4bvY09M28Wrixu65HhGvTIEIG0BnFv9NjKI-Wbf0rLuhyjxmTb8cw9r8l_O5D3H_J9zw1ezfL0hU0kleCurJY9wixEtWMjtXKJXskiTdLBMkxaIchINW6oO1xVEc7xI8zRY0Q_0fNO1JONHQZcwNx57Bfb2Tzna6snFmPnHF32L5lFvJYGafk4F5nXpl7fCNjrITEX7XAZv16p8nfOmK5EeekvjBxGAphOaO3IXrLb7gXjwWbzoLTUeWUW_HepsZfKgcfJye2-xRplFgNl-wGe4xEyGUXgNZkXFsBDVEgT2DyNDBhGhWyxPzf31wTqHRAFKm-omQf9gWPKarkv8PYedE-4ble0L6v8F99nK_BYb7S0moXmPw96khbWWVBS67iiN379Ir5h2YXNRk3s7VBGVoQYCVRB72UTmCSY1jziR7hh_gYR2jDC2Wb1rXkfnf5jAWS5nm4cT1asO2LYjQfU8kUpZjipYV__F8tkAy9a6OxU46thhPyTw27c78NIDej--wnOnVol_Mhp087-fz3Pl2lmArCXoYjxamOYOgG5vvnT5syCYcY6vu581lcM8919ZJOrEr3PLZMAhVP7yfl6ZSFkwCYRB-EoDemPwHWpO1wQJdejt4BsrrT0Y6HTrYThAm8eh-9Zw7vJ84aWoXmzTrUqY5P8uKeTVUXcISFwW-gkV8pYdmd7KR449imYuFsIgab8nVxUQ8-ut1vVC1Ol3VChLLjbJMbo8ABm4pMEX6woO_D2zb9gNApYpez85FKK-vn2N4bn1nLtXpV_zRH7gRKJbge3XjaHwnyjpVp52lgjit5Vlv2i2_khXw-VHA9LUEWN4s-omx6l2rAI1axB5NPIx9RuA_nDy7kPbM8YVgOpUIwEc_A2PTffFPPUWhDiXeVr42-v0Qe7cuctEb2SQq4XaZyzAixsy38wCUxD4kdHwYQj58dmgjHLj8vsWBjl5_UeqpKpYq-eAPcNTOF2h5s-wS9_9OYFdcS2ibIVR9wP5iO-gFF9jRSL7jXKiEpWfThaWni66qWQA8pmDCh84sMZgUZ8mugaquTzXui9pGAhT6U859ptuPP8EUKXFu-73iPjYflkygs1ut8NbAbN8Z_JqslUHfEwAbSXpPJingXBvyS-BcSDt8hpth5mSXzY-XS3Gv2pi3JZCRYFBzkP1idCzo7rc3gJwEoRbP6aO7Kmj-xpk1Xy7npI5PVdV3E64mxdV8qlbUJalsUiRdQh1Xmh09AusBWHHriVyRVYb9FSXIMSEHWMR1UYKl1VqabHOXxgIM1XucrMOwyAXuHJqfjUVSFhTKGj1gIm5eHURc6fsy7Rs4hBlZOM3UAKSUrvc5kSqqPMmRzfC2FIER-SVrXzmTvhawUzqquxMUP0EQoiqipBk2aCNrytq7oatin3Qf07TdG5Sezv6EpgcxC6hzCXmWYvBK0NxcMZ3ts3r6CWGB-gIMcnqKc9UzoK5muesapunc2GstsTeFTd-75bsl9ULVDuqac6S04qDTB1W8NTf4JEdC9avutKcOF1NB4Q77ZNudHnqZDcK1JQdAIlDvLUJGfm0bpKKGxxEFxdyxa3ruOM0T5_HuEm_v7M4bCN8cauhKyIh1mTLC_9o_gQJMqg1lUXN60EyGUtIK7FZlEV5IBK1_1Dr0fHPIe4xqwoqWvvRaryTaieCtm0QadJBYR5bROW_5lg4IaqJNA29onKc8pujRrDMDwqaQqCcCedZ_TG6dIqmnZXols6mq7x7W1cqTfz0njEzNs7WCP6H5e6vwjjSGmRAh4d7dHOTdhrX9DiLEdyCgJKVfNKINZbQLeWFjbYLzVw&cid=CAASJORoezEmzU__Q_BapaF2bckNt-i_wx5DzL2f1eGIkuS-gBfLjg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 11:18:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3777 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpTdzf3Emi6FV3a-92r4KbqNMOuGpaX-Vy3sd9e7FfHImJo4Qg5TYr0yqKAVnrVw5WSotGjqr5LSUiVYcDQ8gP-oESforeMOj7RXgIBsGJ5t8MQK6UoU2M6XKveRzwQJFlStcLiezrdXY2-HQYL3lN37vot7krdFglthQ0GLz7sR_s3SY&cry=1&dbm_d=AKAmf-BfdSjNV9VI2XWl9ZkUZYJNs73qdGXOD_hA8rKZCPs3pJ2XkIZ16ABIFJ-f18aKn4BTw1gvxMuWzEfFyXrFegcZfatF43LYog4N51jbWJ3rGDPpoMBmhq04Tr_ofTX7JrJraPQ8_AWoWjmS-onDTf0DCdPmljBKUZOp9KmoGxf9Nld9nTNV46LV907wpS0WLRSzttUzePJlCpz6UwqwzIZwPuOkB4GclWcRoLlDj7KeBtdh7hJrH1aa-M6xR_qdiG3_0xuz7gCtXrmGdythjdytYlsF-ZKZkS7EJbvshZgnNDpE5zVuqTRuepSC634dIqj-mJHywzS0SrZGmwzvQUOMzs7-xAycZL0jef1jJ22qxcDMrY7sKLNCcYYRY4bASxEMgxGEdRLXav9oI7OxrKUjsMB9-I93Xc08ZwqapCtoxGupCNFFlHr7_eNDClXfYbO5QxO31aQRQvbZFKPh1cO8r0CoZLwJj-YP_wPKuDgzPJ3j05-1R0S3bqzHA1ndiVj9z_AEi25FVzeiKZQBOB7PBu7EG_BxbD9fDRetWjZiF60_qFUkOtSCMpTpsvld8ByS03PhXtJFiSqKdCUfkaIh26d6fdAVNDfOBrzEt1_-T6l95tCO0cXqneP21r6zwwb1iKVth05-L46LVYFZ5wyrMb5GdcEkO8ClWc-wiwqDhW4QtLgZwCQd4EshdTvkGOX_nwfVSQBuhYnPXxQijL3XOXct0Xge3IhQIWW8p7Yl9y3aI97lQnLlZXBcM20bH4ppvflSGAlAZerlY0iAVURu9fs6S48k2PqSJ7oVjfDJYa_jswW2U1ZjSzGwrUSaRRU9ocFaJMypLOQLxxDM7fhw_SA3VlvPrvR79gzWhHRHlHNKy9AjTU3YOYRw7GQNPsLNhvlk0hXjWnKkLF6-XUoBknmYhZVUcw3pbPjZ2h0Bwha7PJeCdcKdUkBZlh5JViJr_-WShB4HtYVfTwdISCLVNeniR_dFajPVlOv9ZwprQ_xR-5egkhTOJAjSKK_8ENTEBLJwhDFwLwlfEYBC3EgiZN3G-qJDjGusw2unTvCN4HRIlTx9VbJU2VBcYuxUnR2vEXWifXgwywfamoKk0NHKxR5we7EIumD9XbS5GlNXt1z4AiY2udobaBrxKnfRo6yAGa3S_L9cIQcLA7wGd8ZNxYj5lUYSiq8_EiZ3_1W-YGyYjwGPIE_e_DNeiU6SkoGKAOIiBkjxZjka1kQqvupPwpuHEqfli0t7fZvg7OHKNBQ3nNtISi6QJYRa-cU_uOV7tudMPXRvGOnmvf2CysJmXD-Vxk8qiuOYSonR_KtcBSAf_Lxi4UR05XhYDBtnqVxUalnLXaR-WxVVkJTD9LyhzHcUdhHLh_iX63WeaTq1O87mE3czEO6mpH6ooPde95NrobvjnVGw4sGmzTcR4GT_A2ir6NnRYnPlqpcS0nenJjwGJgtstxbn3I3hCwJVC5kBA9RBW_5WzHDrHVe9e0Xbs6gd6JTnAS4ecc289YfCwgYj1x6zJ0jeEz21Gx2OpyPUYt9tVEnza_SHTonJwUGytn4YLQov8XhAIKkoNSENZSvmLA6Oc5a7L3R1Sr_hEZlCHGEFxPhTJxlOYHhXZJtOGXxQlLBwcsndRoxGwMDywV5tZJdvb3Qf6x2BBx-Br-edZb8_kyO7D9vfaGC-JL_ZQNU2IalfbGjKjLU9Yxk07i4qBtDdK6EWHSm4oVpkHVpkJ5JeTjMberHxR22gwSnj1cDG7-teV_qbEcarS-btrd8YM2RzCXXGn2BU4bvY09M28Wrixu65HhGvTIEIG0BnFv9NjKI-Wbf0rLuhyjxmTb8cw9r8l_O5D3H_J9zw1ezfL0hU0kleCurJY9wixEtWMjtXKJXskiTdLBMkxaIchINW6oO1xVEc7xI8zRY0Q_0fNO1JONHQZcwNx57Bfb2Tzna6snFmPnHF32L5lFvJYGafk4F5nXpl7fCNjrITEX7XAZv16p8nfOmK5EeekvjBxGAphOaO3IXrLb7gXjwWbzoLTUeWUW_HepsZfKgcfJye2-xRplFgNl-wGe4xEyGUXgNZkXFsBDVEgT2DyNDBhGhWyxPzf31wTqHRAFKm-omQf9gWPKarkv8PYedE-4ble0L6v8F99nK_BYb7S0moXmPw96khbWWVBS67iiN379Ir5h2YXNRk3s7VBGVoQYCVRB72UTmCSY1jziR7hh_gYR2jDC2Wb1rXkfnf5jAWS5nm4cT1asO2LYjQfU8kUpZjipYV__F8tkAy9a6OxU46thhPyTw27c78NIDej--wnOnVol_Mhp087-fz3Pl2lmArCXoYjxamOYOgG5vvnT5syCYcY6vu581lcM8919ZJOrEr3PLZMAhVP7yfl6ZSFkwCYRB-EoDemPwHWpO1wQJdejt4BsrrT0Y6HTrYThAm8eh-9Zw7vJ84aWoXmzTrUqY5P8uKeTVUXcISFwW-gkV8pYdmd7KR449imYuFsIgab8nVxUQ8-ut1vVC1Ol3VChLLjbJMbo8ABm4pMEX6woO_D2zb9gNApYpez85FKK-vn2N4bn1nLtXpV_zRH7gRKJbge3XjaHwnyjpVp52lgjit5Vlv2i2_khXw-VHA9LUEWN4s-omx6l2rAI1axB5NPIx9RuA_nDy7kPbM8YVgOpUIwEc_A2PTffFPPUWhDiXeVr42-v0Qe7cuctEb2SQq4XaZyzAixsy38wCUxD4kdHwYQj58dmgjHLj8vsWBjl5_UeqpKpYq-eAPcNTOF2h5s-wS9_9OYFdcS2ibIVR9wP5iO-gFF9jRSL7jXKiEpWfThaWni66qWQA8pmDCh84sMZgUZ8mugaquTzXui9pGAhT6U859ptuPP8EUKXFu-73iPjYflkygs1ut8NbAbN8Z_JqslUHfEwAbSXpPJingXBvyS-BcSDt8hpth5mSXzY-XS3Gv2pi3JZCRYFBzkP1idCzo7rc3gJwEoRbP6aO7Kmj-xpk1Xy7npI5PVdV3E64mxdV8qlbUJalsUiRdQh1Xmh09AusBWHHriVyRVYb9FSXIMSEHWMR1UYKl1VqabHOXxgIM1XucrMOwyAXuHJqfjUVSFhTKGj1gIm5eHURc6fsy7Rs4hBlZOM3UAKSUrvc5kSqqPMmRzfC2FIER-SVrXzmTvhawUzqquxMUP0EQoiqipBk2aCNrytq7oatin3Qf07TdG5Sezv6EpgcxC6hzCXmWYvBK0NxcMZ3ts3r6CWGB-gIMcnqKc9UzoK5muesapunc2GstsTeFTd-75bsl9ULVDuqac6S04qDTB1W8NTf4JEdC9avutKcOF1NB4Q77ZNudHnqZDcK1JQdAIlDvLUJGfm0bpKKGxxEFxdyxa3ruOM0T5_HuEm_v7M4bCN8cauhKyIh1mTLC_9o_gQJMqg1lUXN60EyGUtIK7FZlEV5IBK1_1Dr0fHPIe4xqwoqWvvRaryTaieCtm0QadJBYR5bROW_5lg4IaqJNA29onKc8pujRrDMDwqaQqCcCedZ_TG6dIqmnZXols6mq7x7W1cqTfz0njEzNs7WCP6H5e6vwjjSGmRAh4d7dHOTdhrX9DiLEdyCgJKVfNKINZbQLeWFjbYLzVw&cid=CAASJORoezEmzU__Q_BapaF2bckNt-i_wx5DzL2f1eGIkuS-gBfLjg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 12:36:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 960C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29E5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
6d842a22c232b53ec7c74bce56df579e3387709608bde51b4c1f72667821d596
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_Ja5uqg38zud5UNRO5CWvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-_Ja5uqg38zud5UNRO5CWvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:52 GMT
expires
Sat, 01 Oct 2022 11:29:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 478C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_fy2021.js?bust=31070061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 80EF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0794 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B178 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
1e4dc86604b5ed64a6a715f016c3fe788afd2b2928e39b9c0b7b85d2e3878f07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U-QVl8fPI2iU54vJYOqvvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-U-QVl8fPI2iU54vJYOqvvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:52 GMT
expires
Sat, 01 Oct 2022 11:29:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame EBCF 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A64saxJSdc5i0t-03ehQf06FEiBs87UNmZxNrGD9WbJpslTeB2JjAaurybl4_Pi7FTi2PTKoA2FwvpWN1SWeCiZkvzfFDnD80cr2S252EU_Z9oAFntJSt5FbSlWeEWufRypEL2DHRvjxdZvenK3LpdPwhbRYXf9bFCe0JC5mcoT-_wxx4&cry=1&dbm_d=AKAmf-CFpcNgjFf-XBPiH1dp8Two5sfuMHVL9beOh7phehanb0nqvcMjdFQAPqofoi_v2RpbvirkWEpcavGJ17V3DoNlY7lnTsjCVusqcy8IIz5kqSGDFRWSWCNDyz_efemdQL6ljcj9nvknIxyinlzyZs_csUDSzv2t5VEXL1a9s3f9db3Y38ydNqxHm_Q1mSUksZFXQOFRwv1jA6AA6PGQoSd6Am78HFx-doXkcsreaSWJ-UJqX5zNBJ_bDj41zVDIsrCMHtKsJQYY4ql0YbgQfN1gzj-MNjynmdcD2Qz7hOieVwMZQ5u42wSwjbQWwIi63xgYDfxe-rLSJCnvrZNX1HZsq0pytfqUiLugoX5qeLUFrhrCLO9NBgCee58l4VI_05TOXnggpkGvMy0r9KpcZFqfOSCbuyS0oYDn0W2RgF5jjDl71xFoUuBuo5L8-hj9b46jbWDbiZkudscsoc45ezpEJFxlmf7EoWw2BXkK8Yau1XNS89Y8OTAXU3ytiaQCh4jvL6mIJ5LRvPgXp0uS08aeqn5EdJwBT37kEKtKndOkzN_-ej4mHH9X9TztWcSXGMDs70oEPDGJPwcn-rEIWamt9j6myq-69Zze38ADfbApZOg7xJ5oJHb95Q9oA_8L-13linsUIxle-npCplCKDiZqYuFypXOjosgElYY6av4iHaut0oS7mYvN7KPbZoesGIfdSuebDwTZhuHKPSAUWBfEYqio1bT-Iyjaa6RK-QcGtgpqSHukuoArv6M6ulh8eQXznoU2tfPbyKXwKgN-u37Nl8cKHjpNB3s9utXfLF9gU021syc7_UVL20aDeDGiDYsJus814FKJQNhbnfQLeDJSQsh7mEU3SUbGfMiG4a-Y2b498ZpOoRyIT-AXKxMKv7pElAXEAM1ljOlXdanZ0X_cvnO0gwFGCJ7Gky5LAhiDiDa7iiAVzh01ofj3pohelZ0V9n-QAT2loarZOb8BUQHwRI_sI7zzJ7pfXj8AGRivx2VkHBA7azk-p8j5Ry2g8SOi-NBrw8LO6AmegYbXoAwC3d1HGz3n84Cbh-o2XmWAEgtn1Gp8X8hPMhoD4vGZyzyHCWwqJRcYdVSQfDcf7koRDmV36QTi9OmVbH3gFE0akveRpZSeDG-m7KfHlHfJoCAQ2dMelK5homn-OhRwPrg40XCqd-8DAhOsDAS9NpeuLevhGTiIYKvQ8G7NzR60ylYClv6xwpkfVZ8hhfGWt7DSY8AdASVtWhy5caXoK71-dlOA5zVUtwFU7rfxC9RRJt4xF70hsu4rZrwnEPTnKj7iZf9gIElK21VwVC6EOIRqG9alUML04CtuD_EaK7n8n3KuOCSoEoMFVNlYMILJ_jzv-LJdZv1emxI2j5sWDCW6R40Dymj_hXg-cAJgL4bZSXDjBMyBPC-8e4CVwrmrSnA4FmmXq2iMzdCeFYdWreub526DSYmbLg-iBAXw7_P2-Vk0aVY9QOHR0azgLo4lFHyDWFyKFRlh4aY1HkNo344eGEwwoPaJV4fcI_Qi04QcYBwTLuKX9eTPLdBxwBESs3S6I9JcT9ceeROk_GkbFtgxfHEcNuVs5Jd3O44PX5JWoGCOOHaDgoh4AfGDY9xRoMbB_8mCMo66hqqd6NPlLD2h7M2FZbR_3zzSO7IItWEEZ5km0tpU-noQCTD3fYGrk5NqFviBHLxOGMP32UNqSWpIa3QUbC0ZP5PE_yRIeZcZbvWsJUDgRxvb4Qxx6KRd8s4jVCx3Lyf34-aR1KVz8D6GlBG__3uy1Ho9lpig2tj1T2EUtgtOCxGVxI146oQDaEzbE5AgJ_1NeV3deYA8uOg_J3icBOsb6iJwjJfdxpEDqZhTfyv_utzREEUyI7RVJqjomLf2OfkLrycQUpC7d__sX5S-WPLjE8NrlVJN8eYFd_P6RbuK1P_7TyvdViFw4kwEcso7i-J3BYP9nmnAM6NhuJoYsgoPJSDtqAN4lcrlaWYodoBKTyCC3zdFDbM_N2TFZ6DZqY7BV3FD8jCZhkkdWXTq1EfcD30YeyxFmXxu65Ycy-YA0lgJ2c4g0W_JJzZURKkZmDk4MERqLIJh3hwsXVsBx8Psg0NqmHVDpcYTBofhXydVokz6OnhVkrBNjj2loKne9A0ZMkavn7dSgGsoUsTTJBXVad--TB1bItKmEMceyvdMxndwCzqL7-A6xW3JWsgY-BIK8P0j3XDKN_zzlNmTeOlZd9o7zMmCDinMoZGgG0ivu862qfXbWtKeSSTopXeF1PYl2Q-LsSSU81TYba1ED6t2knD-p_jjhG_xANEPEmEXNUkra72z658EM-zHjukJZqPI7Be1yOEiN6AaJRuuqucAhit7RxyR2CWlc5kwFgE-RVOgMorTMGS4X5fe5TT8MRBfWRen5vTS5UFencgzOy1ryqTTG_Z9_xik6r5a0iJHFccbmAk6VOKKkcutzcfzjgog_t9-UAgU8ZAvqB4M0wBKje6_exH0hwbOWHQqRE94LfAXeRtEcPDjiriCS-6e7a8CeWFHfIQt3MEXEKs-E-siui-Y0OlFpo1E6Kes5td29NYGLjIcgPhN8hBaT1Y8DzgUnQj15bOTHcSDTLAzXdeHvdcpLphP_xx8YNHtH-YYq646B7owBH-sACVGImdxHLt4OKhbxvJSaSp4h0QySAIhnTvbuYSpFWVEDQvL1SLNCo3shLXQfmcvFX2AqQp4wV2toAlsgA6_71kgdtQ0B7C89-7RuRcMOXS_K-baxnIM-w2lP541zPE_bGR2a9kKS3uKhsG2ywMtrKOPvKyg2_leMzyTdGL8htEYLWzgY-HUlJ5CY8BeG96XXkVJYvD4LA0tHbbqYHOal9UaFXzPYGT9YfuyLaLRaPdXDJ4HtCZcPyTLxCn1NBSYwFNI1tmyJqjeLMspXB_izLMUJuwesqoQE3pojJ_iG3UfnC_4R8wRH4lmk3M4ZXtBoQn_AjiLmexdqf6vj2pMivf9e8GhZkRNm6AGtnQfNlnY7yZaN5btdYIhTPGsTpy-NiW3xlpRT80bXp7zSj3phihFFhxvrSbYLg2VRMFlNDpCtKHNGd3LqYGmm8P8j5cAcSVndecM4wmR7Oo2pVQLjTZhM0tUTeIX8uiXP_4gLkYrDfQ1YGJmlz0QI-i8mwvDlQVYj9ew73sFIX62wgfKqHP49Wb5kCEkRJPvvzdNHSdFuCszXFCt81Lkbllhr0uI7nCwWIQNLtqTRrdJ0HHB3NFJ0vwByb2F-8ChM5U6ewyBu5hXfXcnZk3YYCJz-5WollnAtLs2C4juAHF7CIZV46q8z0BItyFbfCK7GBHDDPeOTgU4E4ZdqXsRCZn8KmlExe4Yza5Izb5qKHgfbGaOk8o13Fygd6p-2E9PkAe4DfvFL5nRGGvTAvYZuit8gfvK1XrI1ZSehdI-dK5WFW14IaFK0QQjX5ikb740QI-iHFSZnyHj_Am6xebvgJLytQpuFXFhSSzsuaqhJDE-bhOU8atEtPNuCMZw04JiSEk6xlQa3BI6zSkjE_q4BrtBl54bEUAJZJA_KhSH3ooDB7VYPtoXMmzZ40EySy1sYbZCSgQuUUx130JprZmBgjFt9HSHhKYMjqZgLQ&cid=CAASJORo2vvEARFxzh2IpKlX7yBb9y-jG-PPSL873EcPWRfsNxt6Qw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 11:18:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EBCF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A64saxJSdc5i0t-03ehQf06FEiBs87UNmZxNrGD9WbJpslTeB2JjAaurybl4_Pi7FTi2PTKoA2FwvpWN1SWeCiZkvzfFDnD80cr2S252EU_Z9oAFntJSt5FbSlWeEWufRypEL2DHRvjxdZvenK3LpdPwhbRYXf9bFCe0JC5mcoT-_wxx4&cry=1&dbm_d=AKAmf-CFpcNgjFf-XBPiH1dp8Two5sfuMHVL9beOh7phehanb0nqvcMjdFQAPqofoi_v2RpbvirkWEpcavGJ17V3DoNlY7lnTsjCVusqcy8IIz5kqSGDFRWSWCNDyz_efemdQL6ljcj9nvknIxyinlzyZs_csUDSzv2t5VEXL1a9s3f9db3Y38ydNqxHm_Q1mSUksZFXQOFRwv1jA6AA6PGQoSd6Am78HFx-doXkcsreaSWJ-UJqX5zNBJ_bDj41zVDIsrCMHtKsJQYY4ql0YbgQfN1gzj-MNjynmdcD2Qz7hOieVwMZQ5u42wSwjbQWwIi63xgYDfxe-rLSJCnvrZNX1HZsq0pytfqUiLugoX5qeLUFrhrCLO9NBgCee58l4VI_05TOXnggpkGvMy0r9KpcZFqfOSCbuyS0oYDn0W2RgF5jjDl71xFoUuBuo5L8-hj9b46jbWDbiZkudscsoc45ezpEJFxlmf7EoWw2BXkK8Yau1XNS89Y8OTAXU3ytiaQCh4jvL6mIJ5LRvPgXp0uS08aeqn5EdJwBT37kEKtKndOkzN_-ej4mHH9X9TztWcSXGMDs70oEPDGJPwcn-rEIWamt9j6myq-69Zze38ADfbApZOg7xJ5oJHb95Q9oA_8L-13linsUIxle-npCplCKDiZqYuFypXOjosgElYY6av4iHaut0oS7mYvN7KPbZoesGIfdSuebDwTZhuHKPSAUWBfEYqio1bT-Iyjaa6RK-QcGtgpqSHukuoArv6M6ulh8eQXznoU2tfPbyKXwKgN-u37Nl8cKHjpNB3s9utXfLF9gU021syc7_UVL20aDeDGiDYsJus814FKJQNhbnfQLeDJSQsh7mEU3SUbGfMiG4a-Y2b498ZpOoRyIT-AXKxMKv7pElAXEAM1ljOlXdanZ0X_cvnO0gwFGCJ7Gky5LAhiDiDa7iiAVzh01ofj3pohelZ0V9n-QAT2loarZOb8BUQHwRI_sI7zzJ7pfXj8AGRivx2VkHBA7azk-p8j5Ry2g8SOi-NBrw8LO6AmegYbXoAwC3d1HGz3n84Cbh-o2XmWAEgtn1Gp8X8hPMhoD4vGZyzyHCWwqJRcYdVSQfDcf7koRDmV36QTi9OmVbH3gFE0akveRpZSeDG-m7KfHlHfJoCAQ2dMelK5homn-OhRwPrg40XCqd-8DAhOsDAS9NpeuLevhGTiIYKvQ8G7NzR60ylYClv6xwpkfVZ8hhfGWt7DSY8AdASVtWhy5caXoK71-dlOA5zVUtwFU7rfxC9RRJt4xF70hsu4rZrwnEPTnKj7iZf9gIElK21VwVC6EOIRqG9alUML04CtuD_EaK7n8n3KuOCSoEoMFVNlYMILJ_jzv-LJdZv1emxI2j5sWDCW6R40Dymj_hXg-cAJgL4bZSXDjBMyBPC-8e4CVwrmrSnA4FmmXq2iMzdCeFYdWreub526DSYmbLg-iBAXw7_P2-Vk0aVY9QOHR0azgLo4lFHyDWFyKFRlh4aY1HkNo344eGEwwoPaJV4fcI_Qi04QcYBwTLuKX9eTPLdBxwBESs3S6I9JcT9ceeROk_GkbFtgxfHEcNuVs5Jd3O44PX5JWoGCOOHaDgoh4AfGDY9xRoMbB_8mCMo66hqqd6NPlLD2h7M2FZbR_3zzSO7IItWEEZ5km0tpU-noQCTD3fYGrk5NqFviBHLxOGMP32UNqSWpIa3QUbC0ZP5PE_yRIeZcZbvWsJUDgRxvb4Qxx6KRd8s4jVCx3Lyf34-aR1KVz8D6GlBG__3uy1Ho9lpig2tj1T2EUtgtOCxGVxI146oQDaEzbE5AgJ_1NeV3deYA8uOg_J3icBOsb6iJwjJfdxpEDqZhTfyv_utzREEUyI7RVJqjomLf2OfkLrycQUpC7d__sX5S-WPLjE8NrlVJN8eYFd_P6RbuK1P_7TyvdViFw4kwEcso7i-J3BYP9nmnAM6NhuJoYsgoPJSDtqAN4lcrlaWYodoBKTyCC3zdFDbM_N2TFZ6DZqY7BV3FD8jCZhkkdWXTq1EfcD30YeyxFmXxu65Ycy-YA0lgJ2c4g0W_JJzZURKkZmDk4MERqLIJh3hwsXVsBx8Psg0NqmHVDpcYTBofhXydVokz6OnhVkrBNjj2loKne9A0ZMkavn7dSgGsoUsTTJBXVad--TB1bItKmEMceyvdMxndwCzqL7-A6xW3JWsgY-BIK8P0j3XDKN_zzlNmTeOlZd9o7zMmCDinMoZGgG0ivu862qfXbWtKeSSTopXeF1PYl2Q-LsSSU81TYba1ED6t2knD-p_jjhG_xANEPEmEXNUkra72z658EM-zHjukJZqPI7Be1yOEiN6AaJRuuqucAhit7RxyR2CWlc5kwFgE-RVOgMorTMGS4X5fe5TT8MRBfWRen5vTS5UFencgzOy1ryqTTG_Z9_xik6r5a0iJHFccbmAk6VOKKkcutzcfzjgog_t9-UAgU8ZAvqB4M0wBKje6_exH0hwbOWHQqRE94LfAXeRtEcPDjiriCS-6e7a8CeWFHfIQt3MEXEKs-E-siui-Y0OlFpo1E6Kes5td29NYGLjIcgPhN8hBaT1Y8DzgUnQj15bOTHcSDTLAzXdeHvdcpLphP_xx8YNHtH-YYq646B7owBH-sACVGImdxHLt4OKhbxvJSaSp4h0QySAIhnTvbuYSpFWVEDQvL1SLNCo3shLXQfmcvFX2AqQp4wV2toAlsgA6_71kgdtQ0B7C89-7RuRcMOXS_K-baxnIM-w2lP541zPE_bGR2a9kKS3uKhsG2ywMtrKOPvKyg2_leMzyTdGL8htEYLWzgY-HUlJ5CY8BeG96XXkVJYvD4LA0tHbbqYHOal9UaFXzPYGT9YfuyLaLRaPdXDJ4HtCZcPyTLxCn1NBSYwFNI1tmyJqjeLMspXB_izLMUJuwesqoQE3pojJ_iG3UfnC_4R8wRH4lmk3M4ZXtBoQn_AjiLmexdqf6vj2pMivf9e8GhZkRNm6AGtnQfNlnY7yZaN5btdYIhTPGsTpy-NiW3xlpRT80bXp7zSj3phihFFhxvrSbYLg2VRMFlNDpCtKHNGd3LqYGmm8P8j5cAcSVndecM4wmR7Oo2pVQLjTZhM0tUTeIX8uiXP_4gLkYrDfQ1YGJmlz0QI-i8mwvDlQVYj9ew73sFIX62wgfKqHP49Wb5kCEkRJPvvzdNHSdFuCszXFCt81Lkbllhr0uI7nCwWIQNLtqTRrdJ0HHB3NFJ0vwByb2F-8ChM5U6ewyBu5hXfXcnZk3YYCJz-5WollnAtLs2C4juAHF7CIZV46q8z0BItyFbfCK7GBHDDPeOTgU4E4ZdqXsRCZn8KmlExe4Yza5Izb5qKHgfbGaOk8o13Fygd6p-2E9PkAe4DfvFL5nRGGvTAvYZuit8gfvK1XrI1ZSehdI-dK5WFW14IaFK0QQjX5ikb740QI-iHFSZnyHj_Am6xebvgJLytQpuFXFhSSzsuaqhJDE-bhOU8atEtPNuCMZw04JiSEk6xlQa3BI6zSkjE_q4BrtBl54bEUAJZJA_KhSH3ooDB7VYPtoXMmzZ40EySy1sYbZCSgQuUUx130JprZmBgjFt9HSHhKYMjqZgLQ&cid=CAASJORo2vvEARFxzh2IpKlX7yBb9y-jG-PPSL873EcPWRfsNxt6Qw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 12:36:52 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 87CF 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Origin
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 09:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Oct 2022 09:06:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 87CF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYvT2TQYzFUjMjU7SLmWjbugEJX8BCkMRGUkJmwHfsqrLRLZCWI3qPG0nPd8xVKeFR54iCVaIPuOMLplCSV4rxwvL8xMajG7Nd5C6hhyPCpuwElsCHClMH-AZEvNAY2Z66Z9HGVJqlYbBCK7XxkAik0pBd_ekrbwwvn2gdZDGBxN4tVtw&dbm_d=AKAmf-DRh9-x-nM1Vw6at3cjdVUAAMJXwivKRsiiZVFlYud_mtSWHdgtU6VA3WL8Hcr7RfZrLSiylZ53UJEDzbuuI3paNb9lYdp9BS4aRJ888d-g-v3JSXrF-MKjiSKPH_MT2uZCAxOsPb0oVEIWoE495O7sn7ctEobYsO8afTE1gmCfSe2Af_HSNexUsPYvT4O1xIA0wpg7uUhQwBbiroXqAQ4VN6U7FyTdJCF98FOGI6jCubkDsMOYKQj9PEAsFnFeFti9DfnP5wUv9nzoOMKSoWhxrza0Jplbge7AjI_iJFK2VI2GenvDuWlCo844zuKFuC0KlkCXCn_ZBI01J8lSCHyk7DazIMbCY_O_9ZbuvrFQbogQlMNsK6RLH-k-JAhvKYjjeayeoZhtKs4sDcyY4THSfwPfxjLGQ4sVb_rPuJXcOvoUZqI11X7oo2UVuhyijXWc44T1z98wUOaONf-M9zvyWHZqLNl-OhxbCfDoy8k1QAt4McBrxXWTUb-ix2VVPcd5F2CtKOYHVnwcHv-cfk2lcrq9iE0P071MeKXv0FFEd_rFxxeSb818GwsmtaOQW3tvOq-P0Pi2nsp9HZRDOJAQtLgCy1XvI3pvNHlOEKLduxEw5ev_MT-KMgEvI0tlhJzHGL5V9_YYqicFt6yKnu4VRxqnl_mTTb_A1zhemE22Jt18XA3Y998Z1l24kdYIkmYXeR9XWeo5W6J40k4jK2wuNFVmdsAyXYq91z1FfE95RmJSJkKaOD3y5nazhf-j9PB4RL3VlGgW_-i1r6ntf54aZ4hehHn6PueqNFyV7IasdEqI3IGkM0XqK869JcbUtlMlsoCyznGvXQF-h4Esbed4BCKO6krq7H2dBG7nt-3CI5hSxHneM_qn-wpzlIuipLQoLB3_sZQsHMDYcy3GWxEuWWR8VsHRfTqIGCq9Oo5pQfqZYdx8oSuORFuaPk4T1Fjz-4qe5YZCAQZkBOUSt1arjrSmt5aO670v7ROBD-c2AubS91CUF_zT95SvDeVcwH1IScPLhQ4vMTADfm5Uy_O409EceIriKsKNMae2gcFMvx56716qbTIpd3C0kVmsvVxB0sYPFBO9ujh4ZM9g7ZOsjRND3hswiLxFPNfX65cBGuTR20R1YL2p2BJgczGEGzB6X5ENmZiwwZA9a3g1Hs9axBwQo0kWBIzwfb03WSqxrvI3TPigrxxmiGN_m-cnVwuIALsqVYLSYZsGSm6wjAmn0muwBoHPnvuE6SV598-R7GCFRmTtifR4GmlTD0DVGAP_yuyGXBt_4V1_xbbLsVo_dOJkKK-hpKBNmMjPGKKJPyuTW4h6s8zOJNTKJVetTPOgnTIBmUuEZbPsvzEtLuh1JvjZVjRG4BMrqYC4iOUIUNXGT8dG-jLa6LkLgMobVZz1y1L2XuZNaaORyamaUyrdGNLsefv8afLaE2j8x2c5I3RSxybl0rAhNiugNhRvv5J96sFfcnFbjwZPMMfie_DsJh5S55ORA0pFEDk1XchPT1CvuSDuLrSqmincfjyp4LoR-bPFaeeCzz_QB277quin_noEYbDlPyBGZJF2428NhkA1uOiOis3ngvnBz_zFVb64g6FlkvGmMkgqhMy5x1Lp4ZBB7kjClD6jQbxSYJShpR6xrQMocawEsMevWDn3Ghxha3ZzcbmppA_Q-lgGHMMzeVuaI4watQwCzsPSmpb3UCfQe0rEMrEYem6gNkI3o--Nrdi90cq7NocDe0xasJlJxpgdKujVazciTYdjQcV9sPP17RRHBx681YDn949dQAKxxjNeKQaSWx8dlK7Mewn4RtbpY_K_GVLqXd9c-KPltoaj1UHtmN0Jkpz7KqPLVDlWQYHY5ksOdTjUWtASimhMem27R2nZaDwpBHHp0S6M--hlQdfM1AtVTQMY3kfochlxKJXhgVUsTkjGBRuq9ZZh0vc2sY1krg9goCkIRY9ct78n4v-vsMQjJdJsP7RMyZPFZ6Et3nHdpmChbwRslk7ogqvaWYQ2oBo145nOumSYOcvsdf7NOtoLPVSMj_jaUUWYLxno730XOyV4CuFL7eNdRCr-H3xSG32JaYknphjv5LEPkZONJIKyjRIbbe8xXG9prk47_YQ10ZRUPTZkeFlGTUpr0JQfZsUMO2vD-2GYAYPDNLLo1A9JXTL4Btv7XD3osvuMBkHFXOnL2P8FxQc65F23eeQF5ga0Opc-Iw2Wqi9r1lbLwJwEJKXGEcYnWQ8cS2xlb5hAOyGP2Kd9Jutv4SZMqx2c-yk8tDvVHPEyqYvNohk3CRXzyVTRXwRBSxYXRLYZEKcyTNVYjhflcLy55DsAXHVrmqj9W1TZ4CKrquJQGGnyDidKWi7uY-bXE_3u7A3M3ijY17hfo0oW92HxDQP4NEC4ZilWJREPM760P_igiKmTYOjuUwu8Ja-9jg9NHHzu0RvTaLRLOcT5oo-aodkhw3G2OWPbOpgcsyaKvGJsoH9gx5ewVMirlgkLbZNp-tX2IaJ-cw6KOdM9MQCUbS7QXUj8kS7Qwz6EqTblB2L9-gOFQM6v4AKF6dFtikEJom5BXyzjZXYxeii9vyDFzncscQFv8bH97a0USCQPo-ShV4Z-1nhmyoVXDMpe8SrsQv7QIHDJ2aD-NJMjwz8tRXyo--20jfG603O9sLaex_7qwqjbnSBu-WT3JU2QHLACeAz8KuD5bBXDN5wb2ITkjYMHqqUW0XSOjh3xf8xGfJP2QhGDNlwPDGwhlnZdAQIqHOM7VwnCgVO5kshWuDGuG3-HrRlY-c-DR9KNLCzPw2fs9EX5zPVIgzQCTjqpBEl__EILzIxQ6qSV2FxbtA1Swkas0r6qwRfUGpAqZrBIO3MLEYqj5xKoK3GOmycEys8tXFvIjuK9sJzIGXV7kWmHzHvVBsQddCQrc3GWpJ-xc_hga_p1E2FVKgBSNoPcnguwIp0MUHf6wFlMkC5sDHbPn8Q_usfTvSV5rS_YEF2_ug3wj6YxyNs5IJz4ydXXbvbM-uxvzh1lQnOiWhMB_pcxJkeBPIbb-20QjMyXeCWo8wyydbxPnrVOdfIErvGUR4lTiLEPmJcNcjax-qxFH9tI8iIycS2ZF4i3O1XXmp0aUVNmV5PIuwcRLjd37Yf8w2YkCk1xgzQZR6c38xpJptsktrkhvbDKOuI3ZTIdGIHh9exYzhnXl4aVcne2QAcCFXNGwJsALWahe4ULXeEL-zBFKBasJr1Nj5fEQzcGSI2O9-KEAtDNTLsaKkMglsS_84-D6Trn6HY1S8R4KMgpTeAnCkMrfCLBBMGdCzUdtA0zHAep422Qu47ktwVnYehoYdM2mwl9P31ZxEX-L9Mz9lSlpSG1c6bQhLIkkNNX7lLkrpgmLL5zgsI0J19GMO-4m9yRpAwj&cid=CAASJORoCCybkWVWDY_jmweXhTgjYuonvaCJLchaE_SNBFmTPtlZJw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:17:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 87CF 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYvT2TQYzFUjMjU7SLmWjbugEJX8BCkMRGUkJmwHfsqrLRLZCWI3qPG0nPd8xVKeFR54iCVaIPuOMLplCSV4rxwvL8xMajG7Nd5C6hhyPCpuwElsCHClMH-AZEvNAY2Z66Z9HGVJqlYbBCK7XxkAik0pBd_ekrbwwvn2gdZDGBxN4tVtw&dbm_d=AKAmf-DRh9-x-nM1Vw6at3cjdVUAAMJXwivKRsiiZVFlYud_mtSWHdgtU6VA3WL8Hcr7RfZrLSiylZ53UJEDzbuuI3paNb9lYdp9BS4aRJ888d-g-v3JSXrF-MKjiSKPH_MT2uZCAxOsPb0oVEIWoE495O7sn7ctEobYsO8afTE1gmCfSe2Af_HSNexUsPYvT4O1xIA0wpg7uUhQwBbiroXqAQ4VN6U7FyTdJCF98FOGI6jCubkDsMOYKQj9PEAsFnFeFti9DfnP5wUv9nzoOMKSoWhxrza0Jplbge7AjI_iJFK2VI2GenvDuWlCo844zuKFuC0KlkCXCn_ZBI01J8lSCHyk7DazIMbCY_O_9ZbuvrFQbogQlMNsK6RLH-k-JAhvKYjjeayeoZhtKs4sDcyY4THSfwPfxjLGQ4sVb_rPuJXcOvoUZqI11X7oo2UVuhyijXWc44T1z98wUOaONf-M9zvyWHZqLNl-OhxbCfDoy8k1QAt4McBrxXWTUb-ix2VVPcd5F2CtKOYHVnwcHv-cfk2lcrq9iE0P071MeKXv0FFEd_rFxxeSb818GwsmtaOQW3tvOq-P0Pi2nsp9HZRDOJAQtLgCy1XvI3pvNHlOEKLduxEw5ev_MT-KMgEvI0tlhJzHGL5V9_YYqicFt6yKnu4VRxqnl_mTTb_A1zhemE22Jt18XA3Y998Z1l24kdYIkmYXeR9XWeo5W6J40k4jK2wuNFVmdsAyXYq91z1FfE95RmJSJkKaOD3y5nazhf-j9PB4RL3VlGgW_-i1r6ntf54aZ4hehHn6PueqNFyV7IasdEqI3IGkM0XqK869JcbUtlMlsoCyznGvXQF-h4Esbed4BCKO6krq7H2dBG7nt-3CI5hSxHneM_qn-wpzlIuipLQoLB3_sZQsHMDYcy3GWxEuWWR8VsHRfTqIGCq9Oo5pQfqZYdx8oSuORFuaPk4T1Fjz-4qe5YZCAQZkBOUSt1arjrSmt5aO670v7ROBD-c2AubS91CUF_zT95SvDeVcwH1IScPLhQ4vMTADfm5Uy_O409EceIriKsKNMae2gcFMvx56716qbTIpd3C0kVmsvVxB0sYPFBO9ujh4ZM9g7ZOsjRND3hswiLxFPNfX65cBGuTR20R1YL2p2BJgczGEGzB6X5ENmZiwwZA9a3g1Hs9axBwQo0kWBIzwfb03WSqxrvI3TPigrxxmiGN_m-cnVwuIALsqVYLSYZsGSm6wjAmn0muwBoHPnvuE6SV598-R7GCFRmTtifR4GmlTD0DVGAP_yuyGXBt_4V1_xbbLsVo_dOJkKK-hpKBNmMjPGKKJPyuTW4h6s8zOJNTKJVetTPOgnTIBmUuEZbPsvzEtLuh1JvjZVjRG4BMrqYC4iOUIUNXGT8dG-jLa6LkLgMobVZz1y1L2XuZNaaORyamaUyrdGNLsefv8afLaE2j8x2c5I3RSxybl0rAhNiugNhRvv5J96sFfcnFbjwZPMMfie_DsJh5S55ORA0pFEDk1XchPT1CvuSDuLrSqmincfjyp4LoR-bPFaeeCzz_QB277quin_noEYbDlPyBGZJF2428NhkA1uOiOis3ngvnBz_zFVb64g6FlkvGmMkgqhMy5x1Lp4ZBB7kjClD6jQbxSYJShpR6xrQMocawEsMevWDn3Ghxha3ZzcbmppA_Q-lgGHMMzeVuaI4watQwCzsPSmpb3UCfQe0rEMrEYem6gNkI3o--Nrdi90cq7NocDe0xasJlJxpgdKujVazciTYdjQcV9sPP17RRHBx681YDn949dQAKxxjNeKQaSWx8dlK7Mewn4RtbpY_K_GVLqXd9c-KPltoaj1UHtmN0Jkpz7KqPLVDlWQYHY5ksOdTjUWtASimhMem27R2nZaDwpBHHp0S6M--hlQdfM1AtVTQMY3kfochlxKJXhgVUsTkjGBRuq9ZZh0vc2sY1krg9goCkIRY9ct78n4v-vsMQjJdJsP7RMyZPFZ6Et3nHdpmChbwRslk7ogqvaWYQ2oBo145nOumSYOcvsdf7NOtoLPVSMj_jaUUWYLxno730XOyV4CuFL7eNdRCr-H3xSG32JaYknphjv5LEPkZONJIKyjRIbbe8xXG9prk47_YQ10ZRUPTZkeFlGTUpr0JQfZsUMO2vD-2GYAYPDNLLo1A9JXTL4Btv7XD3osvuMBkHFXOnL2P8FxQc65F23eeQF5ga0Opc-Iw2Wqi9r1lbLwJwEJKXGEcYnWQ8cS2xlb5hAOyGP2Kd9Jutv4SZMqx2c-yk8tDvVHPEyqYvNohk3CRXzyVTRXwRBSxYXRLYZEKcyTNVYjhflcLy55DsAXHVrmqj9W1TZ4CKrquJQGGnyDidKWi7uY-bXE_3u7A3M3ijY17hfo0oW92HxDQP4NEC4ZilWJREPM760P_igiKmTYOjuUwu8Ja-9jg9NHHzu0RvTaLRLOcT5oo-aodkhw3G2OWPbOpgcsyaKvGJsoH9gx5ewVMirlgkLbZNp-tX2IaJ-cw6KOdM9MQCUbS7QXUj8kS7Qwz6EqTblB2L9-gOFQM6v4AKF6dFtikEJom5BXyzjZXYxeii9vyDFzncscQFv8bH97a0USCQPo-ShV4Z-1nhmyoVXDMpe8SrsQv7QIHDJ2aD-NJMjwz8tRXyo--20jfG603O9sLaex_7qwqjbnSBu-WT3JU2QHLACeAz8KuD5bBXDN5wb2ITkjYMHqqUW0XSOjh3xf8xGfJP2QhGDNlwPDGwhlnZdAQIqHOM7VwnCgVO5kshWuDGuG3-HrRlY-c-DR9KNLCzPw2fs9EX5zPVIgzQCTjqpBEl__EILzIxQ6qSV2FxbtA1Swkas0r6qwRfUGpAqZrBIO3MLEYqj5xKoK3GOmycEys8tXFvIjuK9sJzIGXV7kWmHzHvVBsQddCQrc3GWpJ-xc_hga_p1E2FVKgBSNoPcnguwIp0MUHf6wFlMkC5sDHbPn8Q_usfTvSV5rS_YEF2_ug3wj6YxyNs5IJz4ydXXbvbM-uxvzh1lQnOiWhMB_pcxJkeBPIbb-20QjMyXeCWo8wyydbxPnrVOdfIErvGUR4lTiLEPmJcNcjax-qxFH9tI8iIycS2ZF4i3O1XXmp0aUVNmV5PIuwcRLjd37Yf8w2YkCk1xgzQZR6c38xpJptsktrkhvbDKOuI3ZTIdGIHh9exYzhnXl4aVcne2QAcCFXNGwJsALWahe4ULXeEL-zBFKBasJr1Nj5fEQzcGSI2O9-KEAtDNTLsaKkMglsS_84-D6Trn6HY1S8R4KMgpTeAnCkMrfCLBBMGdCzUdtA0zHAep422Qu47ktwVnYehoYdM2mwl9P31ZxEX-L9Mz9lSlpSG1c6bQhLIkkNNX7lLkrpgmLL5zgsI0J19GMO-4m9yRpAwj&cid=CAASJORoCCybkWVWDY_jmweXhTgjYuonvaCJLchaE_SNBFmTPtlZJw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11727
x-xss-protection
0
server
cafe
etag
4188671789125589074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 11:18:14 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B744 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
6779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 09:36:53 GMT
expires
Sun, 01 Oct 2023 09:36:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bqi.php
lg3.media.net/ Frame 0E5D 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2893&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=xl1mjTZYOnpLhbeqUYN0Ytpd2RwIJ9wdRS4Cqtv_COOVTmw8kf6_NBHxlifDrtoU4UiTIDgqV2fRSVrbeUjqUO8D4OWiYDUeVuC18VQZsv5g7fHDfdnWHNZV3JeZzVTdHZ7iIUxyLQ27eePkpRUqQJD-TgxP1_EqW097k6YUhp7yA6VyZsZ2MwozmtF4GGIOSR6Ym8d_7EE83w4-MJFlSA==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo=|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|bYc2tEkUPgkjvTPRTqVvovE3f1Svdh4GA1HFujZVnLRXTolXZqBOc8vJEconSqPLSip1A8CRnn4b4sVC8Hv5ezzHwTqJ1eaxb233HnueVzNa9A8EwamojgXpaQGF4P_XSBxv-3aEauLGs7l4BV6cHmzMXq7aCHlIMoesVZ3Y7VMmMqyhf8V4_LKHxIJNJuIOVxEv5aYnVAIoSq4gpVOsTeWCDbG_vsDE-OV1cNFfmts=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co&vi=1664623790352318519&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=186&startTime=1664623791157&vgd_l1rakh=1664623790194266398&l1ch=1&sttm=1664623791166&upk=1664623791.13172&hvsid=00001664623791166029185683033610&acid=8275cafd38a14c8c8137c10726d6ebc8&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D30~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022093021~iurl_b%3D78616.35~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.11~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D101%2C102~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100107~vis_b%3D130.31~url_b%3D0.01~url_tvi%3D1307~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DZW~bm%3D0.99~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DgYpB61XwW6UnHgaLA2~btd%3D248904454597467090651812309051811162458017523719768629008489594256123559451020653559812~d2p_l%3D70~3pcf%3D2.02~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.66~ogd2p_b%3D0.61~vurl_b%3D0.07~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D16.52~vurl_l%3D50~CI%3D2745~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D13.94~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.89~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESENACMCdjL807bnhgHzc87uk%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.344339E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=NSW&infr=1&twna=1&stime=1664623790149&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!Shhg9|6515&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0393336782t202210011129&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sat, 01 Oct 2022 11:29:52 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=85487
content-length
15
sodar
pagead2.googlesyndication.com/pagead/ Frame 29E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1158264308673769&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 960C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
dvbs_src_internal109.js
cdn.doubleverify.com/ Frame 3777 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115740&plc=4168947&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iQsoC-EN9yFFC3J7OSBHSY&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209104999&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:20:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03bb312aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19455
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5E3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CAED 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
9c97ee51e20f22a8083a18d417c52014fda7e3cb9f060e66b6999e8bbf282498
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-14_1LEFbifwLGZiHwZzqYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-14_1LEFbifwLGZiHwZzqYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:53 GMT
expires
Sat, 01 Oct 2022 11:29:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dvbs_src_internal109.js
cdn.doubleverify.com/ Frame EBCF 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115740&plc=4168949&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hWE6741yOO4XGrzR2RSibP&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209102335&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:20:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03bb312aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19455
sodar
pagead2.googlesyndication.com/pagead/ Frame B178 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=2049278595715717&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A544 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FF6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
e8842f00ecffd8f291fb0c11b2a46ba25b35462b7cb6c2d86765bff54fd273cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sKfRs1bk07Nw4tNMPcCE-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-sKfRs1bk07Nw4tNMPcCE-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:53 GMT
expires
Sat, 01 Oct 2022 11:29:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 0794 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6151 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
6780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 09:36:53 GMT
expires
Sun, 01 Oct 2023 09:36:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 87CF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 12:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 12:36:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ADF9 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 87CF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0828d9957490e00ff0b46b40cc0bb3db1cfb49d5adc37145aa58d29de70e8c8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame B744 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
verify.js
rtb0.doubleverify.com/ Frame 3777 		443 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_927911609968&jsTagObjCallback=__tagObject_callback_927911609968&num=6&ctx=1828362&cmp=115740&plc=4168947&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=927911609968&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=89&bridua=3&dup=null&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iQsoC-EN9yFFC3J7OSBHSY&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209104999&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&dvp_exetime=7.50&callbackName=__verify_callback_927911609968
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
028a9bb83d9f82aeb1748c31f1b57062fac5aa30ac3e28fe92d9b40315cbd077

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:53
sodar
pagead2.googlesyndication.com/pagead/ Frame CAED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=3982342905089135&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame B5E3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
verify.js
rtb0.doubleverify.com/ Frame EBCF 		440 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_64012041094&jsTagObjCallback=__tagObject_callback_64012041094&num=6&ctx=1828362&cmp=115740&plc=4168949&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=64012041094&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=89&bridua=3&dup=null&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hWE6741yOO4XGrzR2RSibP&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209102335&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&dvp_exetime=4.00&callbackName=__verify_callback_64012041094
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
eeb9f7e7c0d3259e8a4f85cf080c953033de6c185f77ff08a3dc2d6088a49a64

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:53
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=914639876695818&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 6151 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame A544 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DDAF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
6780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 09:36:53 GMT
expires
Sun, 01 Oct 2023 09:36:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExNAypDvUrNiceOZ4NyWsk&google_cver=1&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6to...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6toQPcWitC2oKmror1fSq64NBOAlCg2yT_Xj_6rSh5OSetpU_wyb9QESZOZEer...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6toQPcWitC2oKmror1fSq64NBOAlCg2yT_Xj_6rSh5OSetpU_wyb9QESZOZEerrq7yKPfEaRkTz1ngiXYj8X0_uiZlbQExgn-pjA&google_hm=bpOdv-eLNpBJ9sjJN1D9dA
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg81s1PYViBOky2K_prGo94U3FRNwIub1Opc3fef3SllZb1hHyI6toQPcWitC2oKmror1fSq64NBOAlCg2yT_Xj_6rSh5OSetpU_wyb9QESZOZEerrq7yKPfEaRkTz1ngiXYj8X0_uiZlbQExgn-pjA&google_hm=bpOdv-eLNpBJ9sjJN1D9dA
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFU...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFUU5vzuuww71xJs854SCXHUQW3_5hZ-B2ZeiTYhW85bGruwf_Ij...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFUU5vzuuww71xJs854SCXHUQW3_5hZ-B2ZeiTYhW85bGruwf_IjFXYBLnvw8J4ZGBtFUAQ_xqwHyOY&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Q33gNcCJOcMT3PCfBPV3wQ9pRXZUtAZllASWm4O3cRM4MjzG8JU_E1dynFFQhPYfVrw0GzFUU5vzuuww71xJs854SCXHUQW3_5hZ-B2ZeiTYhW85bGruwf_IjFXYBLnvw8J4ZGBtFUAQ_xqwHyOY&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we7d...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we7dqCgGrtXaki_7XcCDcfQs3Ntgz6iT49J0y4p7RHogcFGWEUzOBNU2OtI7xmWb7TQJus0sm3FY7Qs
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-MgENWLrwe1bpQdF0RxkrrUD6X1VKFWoxHR22WZltIJz8173SygX9RzfiDwf1CRwnfS4s7we7dqCgGrtXaki_7XcCDcfQs3Ntgz6iT49J0y4p7RHogcFGWEUzOBNU2OtI7xmWb7TQJus0sm3FY7Qs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BK...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BKJyRCEYCXQRVl_pihXVIEXRlZ4cmO551JoImn8J6kyvtFhd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BKJyRCEYCXQRVl_pihXVIEXRlZ4cmO551JoImn8J6kyvtFhdijr2EApVL5fNceVSCkPPDqOU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9Ya5lTTPwxzDdxS2b_Or5NVH74Stn7aVuuNcNQq0TXnZD6GVX0fbsNPRGWzVHQyWhLRYYslBRaZJ3BKJyRCEYCXQRVl_pihXVIEXRlZ4cmO551JoImn8J6kyvtFhdijr2EApVL5fNceVSCkPPDqOU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame ADF9
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg8dHi1nQYBjKyKeqxovO9c_pstKKA6bF_9NpkdlbStME5fIjj4VEyJE3nG-hBmb9w0ai8g0CeeL520Q9J1UCcGMZWyNWrDEmmFCW7TtHDUGYUhpyNVKlJKO...
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?redir-setuniq=1&ext-param=AZmPxg8dHi1nQYBjKyKeqxovO9c_pstKKA6bF_9NpkdlbStME5fIjj4VEyJE3nG-hBmb9w0ai8g0CeeL520Q9J1UCcGMZWyNWrDEmmFCW7Tt...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 16 Sep 2023 11:29:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ADF9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqdRXpmIkIZgLI-8vMBigcia0tumAjDYhT0FFRXNtUv51J2ZbnL46CBkxV
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 960C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G32M3A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0794 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s-0b8Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudIk2MICUF9sMaIObHr3RnBt1LTSsAq63ueX8rGrgOVgjoIvZPA1A6qbkDTgLkx4HUOQ_JtajVm7c5zTb534apdgYN&sig=Cg0ArKJSzNqnA1KRsPV9EAE&cid=CAASFeRosrKgBiy44oOgL1icIXVltT-UkA&id=lidar2&mcvt=1011&p=0,0,254,250&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664623790137&rpt=2281&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame DDAF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B744 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSstOsCQ4Y-emGIj2vwSfibr4BwAAAAA4AeAEAg&bg=!MTKlMnbNAAYQgTJdMIE7ACkAdvg8WuAyx0-V-Aigu8O_6uRZizDQaIUThD4vNXmvqcGEopRkzt624AIAAAC4UgAAAAJoAQeZAu6rMlSQKh5cWuDoeCda-G52nug7FQaTREMauBtqzp4L-Ure0MQzeKsdayqEox9X9dv5-J_VoneTvxlnoOstv5Ix1qYkSlHE53iDJ3-z47kvwoHQkXbwYtORP86mQ6Fkoe-zY77nfP9j2HBWeMBHwVZxAe472_kpSKJjvg6a2g6eno138WFIyVvUcL05b9O8KGxlufTkUhrMByvtbk6TlPEwoGFn872LCSDz00rEpEVfXcCnSssp-OpXyp9VBYMMtOKJRRYRT7cBmlmtqJgvWV7CG7SadlHX2meBQtDUt8T0gL9UfzdzHsLibbucN_o3LjZd8ceJYN2vqDM174bizcDnzig8Zk4ZV8LxVNtGz7uptJfdAO1Ql9Fy2Hat3IOgopxb9c_zEceRf9tDK6WVOgTKqEJTJCbcYgruFN4IZkGQCU9uFd0o_iMRNgbKnMy-eMeCuCnxaiT_24u7YnGC3g9KW7FNlLEmv97lNZKGYcyJ6HcOEFy4CltVM06OLYgCcQqMa6pPQGP9yde5RytFUn8Qk8MoPv3Av1mQN7OBWawyyIFTsO_C0NJtGHU5Y-eoepArAruUkD_aS0Y4LCBGHhkAq7CrI5Nq5DYaW8fpanVHLi9G-id1XbL2TVsEteE8ez6cCVaxf4gV_LkTbSPlYR6PEykAawiEbLSwotHu4ad2wPQU7SZm-duqp-O4GowVOhKxIgR9BjtwlswSs4vovBZIIlhk4Npf7Mk57QBlYWXtN3KSkjWQpK_DbBERAoW8k1-0-FcqS5Ql96QsDoGL2ioFFfdThBGBIIPdy4vpAKvrGRhUuba69I7uQd_gS92EG-pyUS-NHEeicgGccbUcBpc99qaTEkaCXIqq-rlpq7ByKI4NpEugct2PGR85AZb1L3WUkr4q-XwjrnXA45hYwusEbkEBneQpNZcB4oSxqyAvCd9-zQSWLrpNp1qj-PZ_D4-2T8Z7miEdr4X4g6VQ_ZYtYqSJnzHpfyag5AdG4hI
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B5E3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pl2XmA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame A544 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2AoaYA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index_120x600_google.html
s0.2mdn.net/sadbundle/4942068020373019979/ Frame 3EE4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
3c739ccbfad2a264757c1608cb342f9829a077fad87b0cc079540ab03aeb2412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2200
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:54 GMT
expires
Sun, 01 Oct 2023 11:29:54 GMT
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 87CF 		0
613 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug_NAgU4ZWbe8kv0bgXEtxlhbtMsyVPGAZHG-RthP67AP-3AB7tuvKv79R6hTTkrsj7_0UXFtHvCT09kPJrchXfQwkVFGr6Nc7xXbQLUvwoLaCEMmG7hB_f9LM-abWHt34ql1B_IIC8c0BEW9V6w7IIKG6X2c64fHp5aljglPP5NyLSXglJC98k-Jseli9axDJS7R-U2jQjKT0hvNOfmfWBvMDD3eUDRqYRwOMYZqmWxn54v_OhZHQJXZzfwRKmO68t3admsiPU80-LYUl_jqX_RvvS-jHMMTN0FwqeblGbOtQtH9XuHjCbGFB-zz1WxcpxmE3WVSOPLg28GfbfqcV1XJreI53bH2Xqg-yq8BuItyxVh196wqKrwh2Dxh3yYf09uUIAzRtTzXwaxLUi87yz-XGbrgXAjxeMEYoMo-SjTtf2khAi2UF7JVrfTQ8B9cD4U2jbkr6uDmEbNGvlRqckTa9OFYZ3LZyzemh1NqTOXv9XvkUXBB1-UTCVxEN-6pm6-JJfQ8w_I380o8K_Ek1wtWCAN2GnCcmW6DrY0p51oIr3X_gJ0bfrsL2MzrYbTS8Jr7vwd8Y9jH8Q_y-8xtkiQfD_acBHn1OZzwIsQuky6gbMqbY5MVuvYPPpxPqSvYro8ttB-h-sreqETJEqDHVE9-XUMDdOOsujJtH_V2PWYlAXJA2uzV_GIXdtjDg_KmDGjM08PDaXe6wv1IikfXbeCugDSdMvcW51m_0YFaqTjMiq8xWv1QZUpT6UL-WLWMmEcJkvJEUKHXsAPL-znx4LpvXjtl-KfL6dpZczG_2HDE0rxmRAVk4bvgClV6eW2teEefby33cpR-LWLMNRfUDZfi0gw5zFUgWXEkRlhLRPSxwbJvktwNC8dAPudRlJd_fyWI_zFQhl6JzIH-3e2IEgTfuuZmI3jl9Ty7aBtsjPUnfTZlyssJOONC9ShUY_emzRqXL1TY1qSp1zLmIiP87NUQWTNhD3R4azfW5RikWn8G_eIUA5fs_nFWk9kLZ97_QSFPucjhSOBz0ygX5De1apeA1Sh9jKhfEGbdKZrOEobcvwr8PaiiwTRcmsSkaE7VdIAHGQ-BOl7l5arHukeDSZrpuH1lVkqm3tAC9YUmmBUF7U5vAyiF3Jg4ecvsahhiB0iznuVr34gXglaCpYUv3_hgskZecLbVQx_ooUVdpgwi0ZFAFjFFhte7lKOQqDkQXuYkN3FZ_OKg-aIc2mmbLV-nbGiQKy2fsr409w4PnRsl5-qUh7460fWZMgnyq06vGk_3wg4q1GWo9ttEXIigjR5fX6FKMLPtaChtLXANV3rtinFyv4YKpat8vbr-8mg&sai=AMfl-YRs3vP7-2GF6khrMW8HBvUsxKIVCOBKDSkEYOmhWgKpSGVYoXwsdQ_DoYySjHe9hfqjm7I3QKukcQWEhqYsIayLioWGQc8IenBI7NV0gc4qiO6BsgXBeKvCGl-tdj5jHKt44iUyjFYkbEtH5izm-oeh-uPVwcK4FEHGaW0RLfhh4onI0y8mkAlHbNZSSeQupwp21W0j5rh980r0BVNv0L-a&sig=Cg0ArKJSzD7HUISMLPLfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=855&cbvp=1&cstd=852&cisv=r20220928.10089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 11:29:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1779220074;
ad.atdmt.com/i/ Frame 87CF 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Oct 2022 11:29:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
526663
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		344 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a38dfd96a98abb4bab17b72abc5451de3c9049d112f49f6cbb981b34b2b20dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
744994
expires
0
rid
match.adsrvr.org/track/ 		108 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
cdf163c0556d874f8f7114a11a4ffea5859d081dc12cdbbb756ddd9e1e190935

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 31 Oct 2022 11:29:53 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 6AF6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.2 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 11:29:54 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DF52 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 11:29:54 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 405E 		533 B
640 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2e052e0ae4262e73b88b5ab9095a78feee72951a25f3f57ab84c81d1a7841965

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
327
content-type
text/html
date
Sat, 01 Oct 2022 11:29:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 5312 		2 KB
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
062b1602ee83e62da1e80a3b9fd51f3da905787ca18512843b7708c32b527dae

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
675
content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 11:29:53 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync.html
public.servenobid.com/ Frame A483 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59694
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 30 Sep 2022 18:55:01 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e6714c863ae63bdaa0cc735ee5878378.cloudfront.net (CloudFront)
x-amz-cf-id
_2g_Kc72qfJZ7khUS-IYHn_aWcd511nVinBBQ7mD40T6vEAnGF2mEg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 5C3B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664623788228
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 5E05 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
71456dbfbeaae91e6b16e5e116a17873e3be7cab776a756df4789a46e1aae83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:53 GMT
expires
Mon, 03 Oct 2022 11:29:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 0FB7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
668fa45c3464bd338becaa929e58d375220b16a16af35768f2fa8045325e3ac8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 11:29:53 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame B8CD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 01 Oct 2022 11:29:54 GMT
ETag
"623de86a-cf34"
Expires
Sun, 02 Oct 2022 11:29:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
firstevent
adobe.demdex.net/ Frame EBCF
Redirect Chain
  • https://adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
  • https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
102 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.69.10.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-10-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
072d26f5111bcf3fee58d188404c62bf1891f012825cfbb39e2590e7b1c79f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v040-082931735.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
axasgDhYQ3o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
125
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v040-055ec9a58.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
eyfjHGEVRIU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
firstevent
adobe.demdex.net/ Frame 3777
Redirect Chain
  • https://adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
  • https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
102 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.69.10.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-10-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fad42c0216700bfaad06e635ef9c821d454f775372ec6c4b2c76a35740dba318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0f1919184.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
GwWOJkiLTOs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
125
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v040-057b9e236.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Ev5jRFGQQsI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6151 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BInjfsCQ4Y8XpGJDiowO5io2oCQAAAAA4AeAEAg&bg=!lJell9PNAAYQgTJdMIE7ACkAdvg8WqfiwWEZzbiyuAYraD8MYUTRBLWWraw9zLm1tvTFHB7a17cIBQIAAADMUgAAAAJoAQeZAv5ImeT3ET6WQN08SVcYIGD78CUoBHvkWA90xW7mDZvcbN5rS5so2QVaPZfI2WKtKeknf3dx9EBy-kHrf0-VtqWYU6-9mp9e4BcuU5QWdPD8EjNo0MHoow9njW8YifNYVzn7mqgLzTvpZe8fS6hMFO3XfwY7MHFdEOdTvHt52n9eVZyQrjKAigB0kzxyQ-e6vvg9U2LNYSvVzGvxJtgjlUhEkD1FxxZ2udecQIgi6I4I9msPTBN9GJ2kaILq-CgbaqxklhXqj0rYX2EgsJve_N2MlX_EMq2bsraRH6Q3QLbkrG2hApYjB1XWfdTRe3Znil4-rrxVsxJnpt972Zchwvi9CNa_TkaXE9d4BT2BQtpuHrs2XRoyPOPdTqLsUv8fqbrBJQa0TCO3Hv_nLnQadLZ7sfApcL5_b5g6kwCbn-TkYwQI4W3ZHDAbbnuTYJWIC5lQqjAQYvHOXB405AVdHswbuwxUCWsSzVfzKQFvMZYunQ0Okz4b3gFSeBO4QYcF2rTVqq5MTjQX3KkopYAmgu3At803yc0FszNUfTLFvqF4TdlAlAV2uGjxtgZJynfQOZENxfgRLiBpmtA3bENetiw1iqgDxrE_KyDI8B7jkpfBcUg18LuxpBWdb0XXNjChGu_eogXaZH96BFRfyM7dYdkrhuBmLc-ZsVcDcxdDlX07jRvQhiYNcP6GdnNp5oBsHbtSxapNz_rwR-adqT1mI6HgTY0naAaEIIMm-iG6qSnw8zUyYVQPC7sgITy-tqhcDVvHnMkb8G5LpTvI3GGUM_AfLFpeUZHIisRaVGUsKsshyNhkLuf7YKy-h1NgjyWsmdtprLUAPXU9sxygRyCM49KZBOZmgTPCmta-EKw27wxFH26FCdURfKv2BriLw2KZ6D6SaVaWDOjQpNBDZikLoWkLL2lGtECbXuIxzY9OZ7d7oamMT3JO2a7bEYu2hj9E0apJHHRDo1sEfoQLu8K_Is1jKredgRw7sUh1bntfTSDh2iQXtlwCkH7mKtJ_jZcF
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDAF 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bctm8sCQ4Y8O3GY-kz7sP05WB2AkAAAAAOAHgBAI&bg=!xMelx4PNAAYQgTJdMIE7ACkAdvg8WvwPmh2iVOqf5Uv_DuBqvJC1Csi43Dt4cIJ5bMqw0_OpseT7qgIAAABSUgAAAAFoAQcKAHb7Amm5Z307REEFH6lvksiZbqVPffsx_VoRtkE4FIKcVNe9KSQovyRhnh_sanYUXaFD86W0IQaTNhJ0kqtVu6U0HedRlVInxOg_ggKF3TqBdm4lo7dytFBUlRTiPTY2zmH71pUW348_DMUEgPLFl-8B7xg3PDvzmQLwnrBdABiDTiWZDkLDcLqbbcIJktMS1xTKhsd8oWaPJhCPO-4IspzUCMqkM699K0jjLPs5irZhBjronT9s2C_xUgf7NNH8bAuxz2WIb_qTIqVBiVZFRiIIrKX5VVcYPMeCLiRbtyacsIP0u5EKQiuoCdkmbyUtl8sITK2sAzf6Tjnd65WkOtMiPtsG_MbKQIwNyOTRt8JdJLmm3QgLGBRR_QYE98xuovBE3o_YPstWo7gF1Z1xjExkf12t6LoDv2ZFkLmpCFpbBRKN7MajT9zfJEfKOqzr0Ov9f-dOKmAAoCVTK0Oy9JDZ5oftYblhloP6dobu-5S5K9yZn-H4ZmJCoSeMgprVXRptjToFi2oeqWLkWIsI7wYhnnQEcV6g88DlwiU46WJX8PA2-12n2FAAnqYOIx6qHXxuT53Ht3ZvSOSEZEGFVFS23U0fIc5tfLbWEBa_X1F3yuImIfVs1xTdJBLtSRS7JwvhuXdC3q7q3lF1b-4eaM_wewuVP_gJqCunM6Un-9NTqSShYsk4NhDy0tylEd2J-ifwHsAOKgUMC48-5XeCD1ErzfMmD2pTAe73ySa04Cq_5Yer8qk2AcBnFAiuLMD1pvgglIJSUrCo9xRp1PzGBk9bCD54PoYprwuxJlxidEtyAlfaKFQZi7o2ZCuQ87SOOXtpqJnxr1XxFMAbCrzWgYXL28pIhIvKAq5X7MsST1OlhB0g-WiiJpeVcGMQh7LYBGjnt7P--yccsvX13biA4zCbNOTch6zUl-KJXjnqzETCdddxVPVIsHm7odgt_xHo4pnh2pt0jz_dvz4intRmnMCXNPBjIEPaMGGCTUgd9_bDY8Oti_64MCBTpMtrTH0twIH2zwLEe6JtGc9MbWYhzhQAqQznH47TSNBA7KPfnikHrU3lH2VmjDaUznAgcw9lBlEd31i1ORdbsYhGOQ3AyI2xE760_Jpw1ksBH2E4JGEy79036lcYnqxPihsQ4cfEOTNcrpyteo_1S9E
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 405E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 405E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0&gdpr_consent=
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=6f12351c-6cf2-7cf4-efc0-3187af7ab201&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 405E
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzgksMCo8X8AAG-4u3UAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzgksMCo8X8AAG-4u3UAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 01 Oct 2022 11:29:54 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":9,"gdpr":false,"ipv4":"173.245.209.111","key":"YzgksMCo8X8AAG-4u3UAAAAA","privacy_sensitive":false,"uid":"YzgksMCo8X8AAG-4u3UAAAAA","upstream_id":"m-ad169"}
X-SO-Key
YzgksMCo8X8AAG-4u3UAAAAA
X-SO-Upstream-ID
m-ad169
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad169.dc4p.scaleout.jp
X-SO-UID
YzgksMCo8X8AAG-4u3UAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.111
X-SO-Cluster-ID
9
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzgksMCo8X8AAG-4u3UAAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 405E
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASSSSk06WigZks8ADsWuJsLBaM8AAAGDk09aEw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASSSSk06WigZks8ADsWuJsLBaM8AAAGDk09aEw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASSSSk06WigZks8ADsWuJsLBaM8AAAGDk09aEw
cache-control
no-cache
content-length
0
x-amz-cf-id
46yXUjO01Z3jIlcyZ1CW-SGOIgId2dk5M1ra3YjMT_fCnrwbFMofEw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 405E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM3ZGU2ZDYtYTU4NS0yMjUwLWZhMjAtNmIzZTY1OTg3YzYx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 405E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEONs6oxGsIsxLHLNZCrJ3g8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEONs6oxGsIsxLHLNZCrJ3g8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEONs6oxGsIsxLHLNZCrJ3g8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF1l9f906jnexPATSM-Z3Ik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF1l9f906jnexPATSM-Z3Ik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEF1l9f906jnexPATSM-Z3Ik&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0FB7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkzOTkxMjM4NjIyODM2NDgyNTY2Mw%3D%3D
date
Sat, 01 Oct 2022 11:29:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 0FB7
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2939912386228364825663&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2939912386228364825663&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1&_expected_cookie=0b25cb0...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1&_expected_cookie=0b25cb0ccd6565e8e3c5612e3139cebe
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7534dd005acdaabb-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=08b872fc-32a5-438d-9e82-08ec3ee4e122&_noobservation=1&_expected_cookie=0b25cb0ccd6565e8e3c5612e3139cebe
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7534dcfee994aabb-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2939912386228364825663&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5401464212225013440&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c517c859-213d-4ae2-834e-1c2a02286ba3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=c517c859-213d-4ae2-834e-1c2a02286ba3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=c517c859-213d-4ae2-834e-1c2a02286ba3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 01 Oct 2022 11:29:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2939912386228364825663?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xuoMfetE2oSoX1Ot.7xxmMl.sYlXbn62Gar.UOB.2A--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xuoMfetE2oSoX1Ot.7xxmMl.sYlXbn62Gar.UOB.2A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 01 Oct 2022 11:29:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xuoMfetE2oSoX1Ot.7xxmMl.sYlXbn62Gar.UOB.2A--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 0FB7
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2939912386228364825663
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2939912386228364825663&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2939912386228364825663&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GPKZ6NTBNT8MJS3T168G
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2939912386228364825663&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 0FB7 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2939912386228364825663&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 12C248E689634DE895594B290F9F6C1A Ref B: SYD03EDGE1517 Ref C: 2022-10-01T11:29:54Z
etag
"8766f3fc1fc7d81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 0FB7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M5KTINDBJNXUS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gU44aKoIYdcgRJmSt6ri
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gU44aKoIYdcgRJmSt6ri
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gU44aKoIYdcgRJmSt6ri
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 71E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1158264308673769&bg=!7O-l76vNAAYQgTJdMIE7ACkAdvg8Wqs8IMCde1dibYQLEZL5vj4L1PQDMT_NwHOhhB8gQjpgBA9LpAIAAAEXUgAAAANoAQcKACGAZrSskmyPUlY7X1YsiugsAIo5VUZ-osvrOfvzxu-P7tmZAtv6ss6mZIJazdly0dgASwUQnlzyRcW1k7IVuFY8IpaYPNSbpBG_htt-qSsoaX5fGYMkVZ2PVnacbuvyLB_ezWxdZI2GpJzuo2gvbQYuQXc122WdqyO7woBgX5yKV3Cy2-PYIMDLZ2Wy5Nz_aLZqRyvmqhrPicDwRVUtV7RzwVO1Hoj97vkYplfd3Ra_ENJHkLMrN0_Wgrt2biE7c-g5XTHYDxmwhmKJ8fzVizSAYcfgvMdp-Pbz_FWIAKaZzbxNPJNN5ggTcwprmXNBiKZiy1JRN2eYhzfgd0M4RE2scyUnAy57AUCJpOUkjhGJvKGmBcVRuWaUSvF3hmGqq86ZJkRA5ME7RAArokDRBXRKVrBVIaLFO0fdR27oT5_NbaFzEU2g5EHIlgrvr820NJkxdxGGDncJ62IzDsOrDZz4XmkhEZbXQKimRtJCghmYZ3rXGJMSFpW9sqXk2BwuuDukYJUsI9sxa3IoDEOzuPCDbwBFRJUMJMbUltBhTU5ZIqetfKJ5myqwVhNgBb-oYPkYGISXaE4q6Sw42_zGr3D1tl6h1Hqx9M8S-eYwPUFe5WtsJEgxq2HP2Lkb0psdjEe8Hix0PksS2HBvt028JkRrd9bonQhyZe-TZ82lQIh5m_JW5MYaCXCT3kw31A4weGRMbKvvxpy9Q7RPI_u63A8KHXSNR2DMibV2byaa2admqYEAV_mPzba8XAkNodGqPiSU5KFngrMr0MOHqr-f_1NNjsl3CCDB6rls8OLc031BsWZ9vlboL-P1JsfedWLMuvSJJnFU7mvUnxT_A9QyETegC4TSVqinfOB73Z1CN-01tCX9sE1TSjqShC0CcAjelXXeETrOFqcAOkkqBWU-9V6eJyFhxcXxCpEI2rWjhC5jlDlu5GGjXsRTZjSgKnpOhmGe_GOU8KOA0LSfwVSA7R6DEafiqtK4VsDOK1Vaokk2fAdNuW0CtC1Lr7NE-g616A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
gum.criteo.com/ Frame 5E05 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
608616
expires
60
usync.html
eus.rubiconproject.com/ Frame DFF7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 11:29:54 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 01 Oct 2022 11:29:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 0C5C
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Drkt%26refUrl%3D%26vid%3D462379394130762539168303390...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=rkt&refUrl=&vid=46237939413076253916830339000V10&ovsid=1973209965569779391
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=rkt&refUrl=&vid=46237939413076253916830339000V10&ovsid=1973209965569779391
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 01 Oct 2022 11:29:54 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=rkt&refUrl=&vid=46237939413076253916830339000V10&ovsid=1973209965569779391
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1CC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120043
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:54 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 02 Oct 2022 20:50:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dapx%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=apx&refUrl=&vid=46237939413076253916830339000V10&ovsid=2072648366779668424
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=apx&refUrl=&vid=46237939413076253916830339000V10&ovsid=2072648366779668424
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:54 GMT
AN-X-Request-Uuid
4f3f04bc-1b7c-430c-ba06-45a62d4c8150
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=apx&refUrl=&vid=46237939413076253916830339000V10&ovsid=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3076253916830339...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=opx&refUrl=&vid=46237939413076253916830339000V10&ovsid=a73e5c83-c7f2-4614-8c8f-4fe91d9520dd
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=opx&refUrl=&vid=46237939413076253916830339000V10&ovsid=a73e5c83-c7f2-4614-8c8f-4fe91d9520dd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:54 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:54 GMT

Redirect headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3076253916830339000V10&type=opx&refUrl=&vid=46237939413076253916830339000V10&ovsid=a73e5c83-c7f2-4614-8c8f-4fe91d9520dd
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dmma%26refUrl%3D%26vid%3D462379394130762539168303...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=mma&refUrl=&vid=46237939413076253916830339000V10&ovsid=76ed6338-24b0-4800-bca5-671c290429af
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=mma&refUrl=&vid=46237939413076253916830339000V10&ovsid=76ed6338-24b0-4800-bca5-671c290429af
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:54 GMT

Redirect headers

Date
Sat, 01 Oct 2022 11:29:54 GMT
Server
MT3 4525 e1952b7 master hkg-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=mma&refUrl=&vid=46237939413076253916830339000V10&ovsid=76ed6338-24b0-4800-bca5-671c290429af
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 Oct 2022 11:29:53 GMT
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%26refUrl%3D%26vid%3D46237939413076253916...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%26refUrl%3D%26vid%3D46237939413076...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1607245332
  • https://sync.1rx.io/usersync/tradedesk/94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=r1&refUrl=&vid=46237939413076253916830339000V10&ovsid=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=r1&refUrl=&vid=46237939413076253916830339000V10&ovsid=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:55 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=r1&refUrl=&vid=46237939413076253916830339000V10&ovsid=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
date
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX399b662335a547a79e2ffda9227d4571004
content-type
text/html
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46237939413076253916830...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46237939413076253...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=dxu&refUrl=&vid=46237939413076253916830339000V10&ovsid=FYSE5HS21OEAGS5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=dxu&refUrl=&vid=46237939413076253916830339000V10&ovsid=FYSE5HS21OEAGS5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:55 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-061340171d1604405@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=dxu&refUrl=&vid=46237939413076253916830339000V10&ovsid=FYSE5HS21OEAGS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5E05 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
334170
expires
Sat, 01 Oct 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc517c859-213d-4ae2-834e-1c2a02286b...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=76ed6338-24b0-4800-bca5-671c290429af&expires=30&ssp=medianet&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:55 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 01 Oct 2022 11:29:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dzem%26refUrl%3D%26vid%3D46237939413076253916830339...
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLHKU2DIYKLN5EVSZDDM5JEU3KTOQ3HE...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=gU44aKoIYdcgRJmSt6ri&refUrl=&type=zem&vid=46237939413076253916830339000V10&vsid=3076253916830339000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=gU44aKoIYdcgRJmSt6ri&refUrl=&type=zem&vid=46237939413076253916830339000V10&vsid=3076253916830339000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:55 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=gU44aKoIYdcgRJmSt6ri&refUrl=&type=zem&vid=46237939413076253916830339000V10&vsid=3076253916830339000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 5E05
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3076253916830339000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3076253916830339000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e&cs=1
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:56 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e&cs=1
Date
Sat, 01 Oct 2022 11:29:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 5E05 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Demx%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-238-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 0282 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=2049278595715717&bg=!LyylLGjNAAYQgTJdMIE7ACkAdvg8Wj89c4gnGMOwambcOLHU9oxDpSv6T5DwVsxDZxI1_j8-KYAsbgIAAADpUgAAAAJoAQcKAE_jjWxQfkIMvlY_R7tq4mWBsV2twcjXNeuKb8l4XSesLoxIToYmtsefsExr0H2L9BUc4J0Jjm3jZYIJjKaJ8NcqPiaN7HN9hko6Xbg0pY7KmQK_FHCvt_ytRfY2DsXS5BDbSKWkIWiteOFIuJb1h28S3gIaNdSZWV2vHFcHcFMnK_8m2kX7tVb9PVOrlF8crTMXlLvGxm9BAjnsPrpkEQd-sb0wmUpx37DJ2ee1iIZgy-uiopZYKR2_9UvYC1Pa0SHE2mjxi2AYM9ksUaEq3_qnS-qKdyzs6JG36al5FK0wC5DAIsTc1-M1ffD2lE89-IoWwyXMKQ1yIUnnIUZSXkkaEFLPBSpVwKDgoYCKsBU58hCs-5atBTfqNsVH6RipNcnJHwHlypYHg1rjHelUb_h593UACZhjfOmF9Y4GmxEiffGf3Ey-S0fr51s8_piv0WX3jRSlRby0v2lnBMtzSGGZg3vUcOPp7ivJJjXBbjpo02sR79dxH7rC-K4WE1JN46fAFqYKntIv0W5jS230-HpBShZLdYO0zTEiY9J6m4VpeSVsAuz55g-BfOmtKrECvx_pwVhlIHcLayWGi-pW6Xkv9KmCWxc5mAfnMP4wGqAoiQgm_uyYwvF_Ts6cWntytCvAllJAVKQ_DorUDqCHH_HB9VP3sricA6U2m9mNsgtW1ZqBycYtKOw6wIVRtYzMfyVnkmS_MIp81X0lZCCGt-J5-zQGBCwiiqjKtL891jVz7ATax9GRTdTFLERrl9XvhGiOJUkMQymKSea2dzhi_QgYMjHhrzp2No_IgcQZ1xb_87SntmX2okXPXl8LHRc0LJ8d7rjTjUqlN7691UiI5UResWDrw_yTrSI3FAJwdvLG1FC0pNjTF3Q05CaWR65q-LBxiljTlpgZlLWqbmGn40tV0xhNj2W807DdWxa6_jacFYaFrAXyv1EPb1zbxlRUg1zmW1LK1USE3gU_kn8CVC2FkbH-F1wp5lIxC9yB9RYtauS4pmNPsCi99Q7Wg7rY__uQdUQnikTG0sku7apT1OF8Kw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cframe.js
assets.a-mo.net/js/ Frame 5312 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD62-P2
age
521
x-cache
Hit from cloudfront
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7534dcfa2e68ab02-SYD
x-amz-cf-id
0NgEX79IrBY8z_evvJAbf73nx6wCvl1K630vQVy8xlezYW9QnLDeng==
expires
Sat, 01 Oct 2022 12:29:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 478C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=3982342905089135&bg=!V1SlVBDNAAYQgTJdMIE7ACkAdvg8WnfmSloioUQ6ZMI6Xxk0KC9BezlcfXuJQAInpxbJ0iksMG0X1gIAAADEUgAAAAFoAQcKAGCK3YjQSMQvV_ThfULbIo0YgeNv7mlCsZcXGuUCTNX-ZWZvhIwB8UDU9HwwD6Hj79FyXfr4yJvEA5X21489KgISuoHvzKcFuOW62NAvLOcc5g_juTLfK4XbUWJdy8rvWQGZAtT7SPS8uliMW44drV8qMf43XS-fIuczo3X3Jy8Iv_DdcgZyeycH4DOxsMbOotcvx9JXN5yJTin4Tgta8DNgKGQWZ_MA3QtQZffqGc8crdFwe7PEvKJFocT-ihR_0IaACeWaLJBvpGGZCF2zq4370sW4FdHX9UIMUqkzN8M7qJd84Lyxy_sRDhns0RVlcTLe82LyNUVUwGUbcXxXZ6-QQoMMryWihL11zFXEaR3_ZmDxLaRLE3HmGEXyCuuInIA4PqPOvHMrsUtXC7ifxfYOhHcdVqMzUqRkycm3RNO2g_m821CatmKCmHm0jDGfx6u4fvA2V86zUtlFh-aSa4lCcAO64PHcjgleqnFLGSIhBODLNLZtCEBSn-WmEG2KHGcQF12GrlHFmYpq0QCOK8BrFFGBwFoxmXFFmCuirvF6eHYgHEaz6rlGqRca3YTq-tKdH0mVx8Do1ma-JGj7YIg3cUXrVHXFBsNzK_brZko9WZ4P_bvi-CbgAqsXa3wOfBbHUqyw2aptOv9j_rXql2S_obCJwv377zW4HhkAKFry1IIHKKbX0xjJJNG5u8zNxPVaTAfmi-G8xSUUUB2wRA4VNps3XVhlX0QOH6N6IBpct9C06pJjH9GBVLJjHURhTSzjQ432YFP37mMZmu7jUYQOe8K77Z8-fh-8M2ySKI9Sb_sSj5cdX0WJZfU_8m4FvOV2mmTEBaXcyp1-lL6ECiKzD_3f3Rwzo_ofhsyQB_8aacirY1VSpuhzZ9xLNjnyO-eVlLFwO8bSQ7r9akHg2rdL7eyHyDjB2ZN0Ts7BGKid9_zYqEEf_jPMfUH4em3KA-5TTkarrwO-t-wiUgFb-Q9CLtVc9BAgcvDlcqPjdI_6SioiCodMLPAcvfg5TAv7doj-UovobJycoGY1ajMFHma6G3ObR5V25LF-T8-LCIpZeplJDt6mQbmsgua2-q27OUl57PJ3Ccgt
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 80EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=914639876695818&bg=!WFulWx_NAAYQgTJdMIE7ACkAdvg8WhFktFKqZSg0XZdV4UX0EQkVyVW4r29Y1JpvIkLzRfGu6Y9uVwIAAADEUgAAAAFoAQeZAqQX-c6SgdNaD4ZAGw6jZhJn5nciRvEbqtLKNxUNDzFlmpTw193QUlKGpGu6kho8GitY_-kDrV4ThVaC_pDvSWWKwfxChN08eSqU46HK9_UgM0m-RcPk8evGVgz_NW7wjZSzGF2xFRf3C60kUJOQMuxqrmKQsZGJhoAH57j9jA_CYNAh5iY82L3KdUUSkFhbLkkN1iBEikhaykoLPBeJKxVa-0aHKrt3uLjgb-FBn_Lzgy4bvVcF48T3VAhd1U5WWKQs-C5B7us1B2gmzZs7IDx18SvmtEhvUFH_CpuBFwmK5e9dFZdIU_RZHyIV1n2rYJtE8bQf1dB1DqCKPDHYn5-MDqYKQRnbhM2clkoBECCmZDKBhcMJrkYJ7O7IPGR4TsBaPOWS4N3hwJ5pjfJaFzjzBCkIg2Z29Lh-ge8ndPo2XMLY309yG2PHSCcKSqOEJpeXh3yKPOE3i9L14w6nABLDDYAm29h6ooJTLezB5jangDEPNyHD170ySzm-cXQdDb-eh3DuMN3ZELwb-D85OLVr_R_CBKBcmowAk27GpmPmx6aOcn6cFKVHf_T6ZFjEHiGvKfX70qxLYhFvF5usc8AzibbqcINa1zz-6i88g489zss9g7icGL-402dlsiy4FNw7wUWRklNuioqZpuYmySfNfIRtF5ZSpwuDf0E8wd0GOcnnAeBEWVrRrPY1YX9yyTh4Ao8T15lkMBri6d936a_h8pfk07xwQF-JoDO3q7cjVpMrBZSrRxMFvInBtORCPP7gkAB_VJ7V4SZEvrahNRosegjQ3MDZSW2gxI63zrzbgRMMEH4hGVqGL3l9tzyPW9ADVSVIWmAXYdze5VAVPiLB2srB9yt22CAYr9EWDFqWJw6-sV9m_94Z8YoxtF6vjj5z3omi
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3EE4 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Oct 2022 11:29:54 GMT
easeljs_1.0.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3EE4 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36116
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 16:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Oct 2022 11:29:54 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3EE4 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Oct 2022 11:29:54 GMT
index_120x600_google.js
s0.2mdn.net/sadbundle/4942068020373019979/ Frame 3EE4 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
f9524d8f1807bf488171ae337a05fd08898c2acfab1408df2e33b700f80ed9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 11:29:54 GMT
usync
id.a-mx.com/ Frame 5312 		0
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.253 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS5DxaatFKCb81z1I%2B6lBOCllbuhuXxPaGb254z4lZjZg%2B9OqLP2u2X4ljVhsTeZhn7g3nAuSc7pjuZB14Y1mBZ3EUj4jTtP7n5N2SJA1nn2SggZXu3F8SDdDvn8Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
7534dcfc2811aaf3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
x.bidswitch.net/ Frame 5312
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c517c859-213d-4ae2-834e-1c2a02286ba3&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524419749888161839&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=a1b328e9-f147-491b-836f-9bdb746f7b7d&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209610804291002756681&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10524419749888161839&ssp=adaptmx&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
yahoo
prebid.a-mo.net/setuid/ Frame 5312
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-BOn8z3dE2uHr36X3vjWjrskdvV_QUgrrT5j4dGY-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-BOn8z3dE2uHr36X3vjWjrskdvV_QUgrrT5j4dGY-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-BOn8z3dE2uHr36X3vjWjrskdvV_QUgrrT5j4dGY-~A&gdpr=0&gdpr_consent=
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 5312
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L8PU0VI1-22-89WR&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L8PU0VI1-22-89WR&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L8PU0VI1-22-89WR&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&uid=5401464212225013440
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&uid=5401464212225013440
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&uid=5401464212225013440
date
Sat, 01 Oct 2022 11:29:55 GMT
server
nginx
content-length
0
content-type
text/plain
sync
x.bidswitch.net/ Frame 5312
Redirect Chain
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dzeta%26uid%3D%24UID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqfWh0dHBzOi8vcHJl...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4390%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D73a14bd1-6a49-4cf4-8290-591dcce62...
  • https://prebid.a-mo.net/cchain/0/4390?gdpr=0&gdpr_consent=&us_privacy=&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBM...
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Yrzd2TSUeygVec3UzVomFT54PBKxUvW1JuDT7g&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Yrzd2TSUeygVec3UzVomFT54PBKxUvW1JuDT7g&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Yrzd2TSUeygVec3UzVomFT54PBKxUvW1JuDT7g&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1785927
content-length
0
expires
Sat, 01 Oct 2022 00:00:00 GMT
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%...
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=smartadserver&uid=5912640572057858447
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=smartadserver&uid=5912640572057858447
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=smartadserver&uid=5912640572057858447
date
Sat, 01 Oct 2022 11:29:54 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-850...
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
7
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=index_rtb&uid=YzgksIzwkGH2s7rQXrj5agAA%264758
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=index_rtb&uid=YzgksIzwkGH2s7rQXrj5agAA%264758
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNZJ5qDhN4nZ9VsREd70ByBrXcBhegPWd5WQGk9ojH1W%2FMvDzf8ZVoX9NGfRoesIUH8z3xD5LVr0RuBJ8XdQqf6%2F4IGvN7mPbAf1wm1KkKVX8%2F%2BFqg8eBLY0VYKAV4dBi90wRv71"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=index_rtb&uid=YzgksIzwkGH2s7rQXrj5agAA%264758
cache-control
no-cache
cf-ray
7534dcfc3938a8ca-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=sovrn&uid=FaGxDLZHI8kIY0jBSLeFhBZ7
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=sovrn&uid=FaGxDLZHI8kIY0jBSLeFhBZ7
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=sovrn&uid=FaGxDLZHI8kIY0jBSLeFhBZ7
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 5312
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=appnexus&uid=2072648366779668424
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=appnexus&uid=2072648366779668424
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:54 GMT
AN-X-Request-Uuid
4161dc51-341d-4a4f-b975-b30c6441ecaa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=appnexus&uid=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5312 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
a51a10d0-fbbc-4ccf-93ad-8e4e19710ca4
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADMX
c.deployads.com/cs/ Frame 5312 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/ADMX?b=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-60-98.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
setuid
ow.pubmatic.com/ Frame 5312 		86 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.77 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Length
86
Content-Type
image/png
setuid
pb-server.ezoic.com/ Frame 5312 		86 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.211.219 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-211-219.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0
setuid
pb.vuukle.com/ Frame 5312 		86 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.vuukle.com/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.198.114.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
nginx
vary
Origin
content-type
image/png, text/html
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0
setuid
pbs.nextmillmedia.com/ Frame 5312 		86 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.71.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-71-39.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 5312 		86 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=73a14bd1-6a49-4cf4-8290-591dcce62202
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.222.132 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-222-132.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
usync.js
eus.rubiconproject.com/ Frame DF52 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25053
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 18:27:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5FC2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010f899056cef7e818c05ac09694977ca3f46ef565b1cadf682313efe761c53b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7534dcfd2ba9a80b-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xjy%2B22lPevqCrMgUORQrC9Rdf5lXkCLNYVEc5DyJkn9EReZqgiIkxbFCiCuj4fLYWmXHQlJGwMmY6eTrSXA5wkcnafJiYDQm%2F3CRTryIGjCNs2HgWQn7UxNmCDWuY9H%2BtiYJUmvwVdDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame B8CD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:54 GMT
AN-X-Request-Uuid
d766b2e3-cc43-47ba-a923-6ef32b11d4a9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A1CC 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20312840&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
dd8f713d63f116362513cc6076ff43e88645605ef40a3c906a8af327f36f616f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 87CF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF_qsRBqceARdi5LIbjEyk8jeAmfLMV6AjcBggbXZG1LT9TaPpyRK1ZX02kicAxVnjn8HEXEXwLX7rB9XpYbb_qB_5jyXljFFVLi9rvKfrgSCfYo-rMmQLbSVxd_FdNhbBxWU&sai=AMfl-YQ4dw7gSRq5tDXUmnZYGt8r8p0fmSpkc3cpGzu02XoXu1AKQquCE2IGrOOXTigPq2HwHDj5PuuZlyrnCwGI7KvMPjP2zByGe02S-9ENAW6NII0ip8OSxpdIWPGkgw&sig=Cg0ArKJSzJf2Vzgn12-lEAE&cid=CAASJORoCCybkWVWDY_jmweXhTgjYuonvaCJLchaE_SNBFmTPtlZJw&id=lidar2&mcvt=1000&p=300,84,340,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664623792075&rpt=946&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DF52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hpAEjV6zzg0WyMzyQSVCLcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=406110106942714353
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=406110106942714353
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=406110106942714353
content-length
0
ecm3
s.amazon-adsystem.com/ Frame DF52
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Yr6RNLOoTYO7Aaa-xyqIcw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Yr6RNLOoTYO7Aaa-xyqIcw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Yr6RNLOoTYO7Aaa-xyqIcw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FYY5CDC0N6HNZM2X18B7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Yr6RNLOoTYO7Aaa-xyqIcw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DF52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DF52
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame DF52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBMkUKTr5bSaTH2b7bebZY&google_cver=1
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBMkUKTr5bSaTH2b7bebZY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBMkUKTr5bSaTH2b7bebZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame DF52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8PU0VI1-22-89WR
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8PU0VI1-22-89WR
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A250F1DF9DB8421D93EA777DDE39798B Ref B: SYD03EDGE1619 Ref C: 2022-10-01T11:29:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXp924IXfqd9uW7QYIDGQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8PU0VI1-22-89WR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DF52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDY0Y2YwOWYyNzg5NTE1NWY2ZjI1YTdmMWM3ZTQzNWNmMzQ1NmEwMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDY0Y2YwOWYyNzg5NTE1NWY2ZjI1YTdmMWM3ZTQzNWNmMzQ1NmEwMQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDY0Y2YwOWYyNzg5NTE1NWY2ZjI1YTdmMWM3ZTQzNWNmMzQ1NmEwMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DF52
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cvjpomNeRyywGcF-p3popQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cvjpomNeRyywGcF-p3popQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cvjpomNeRyywGcF-p3popQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
53AWJ330G1SV4BZEW8SX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cvjpomNeRyywGcF-p3popQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5391 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120043
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:54 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 02 Oct 2022 20:50:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame F1E2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.48.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-48-215.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1016eb418a00e0a7a7e68133b0119198d6ed79e5b48c3d3118af68159717f906

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 01 Oct 2022 11:29:55 GMT
etag
W/"01d018b37f5591495eeec85dea581443a"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame F7B5 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F29D 		871 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e03de9e1486226dd627695c66b4752d8db63cf395ab33e804441b221b75a75ad

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
871
content-type
text/html
date
Sat, 01 Oct 2022 11:29:54 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3D68 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907340577a2237cf39b2d5c2451b83bdfc665f4e19cb2ec906c92cab2fea7fe0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7534dcfe7cefa80b-SYD
content-encoding
br
content-type
text/html
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9Kd5RwezjUZ2CslHvHdi0bXYcDQrWq4CZdwdwdiUnjjOMuUOUWXUVsdJOaa5i7qiqYMRRVsg0ImN8KNqsb0GrpB72lMPLbzl5XJZPsJyhbDmsLdaW8dJv19czZ4MUrZQjw90iqYpx9lOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C23B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 11:29:55 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame A483
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8PU0VI1-22-89WR&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8PU0VI1-22-89WR&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
23.20.206.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-206-0.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8PU0VI1-22-89WR&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2072648366779668424
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2072648366779668424
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
a38e36ab-4782-4a7c-b705-d95765240e5e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FaGxERZH5G4Rz8iZSgm50Jbs
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FaGxERZH5G4Rz8iZSgm50Jbs
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FaGxERZH5G4Rz8iZSgm50Jbs
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FaGxDLZHQg2R9Nq9RISCckhn
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FaGxDLZHQg2R9Nq9RISCckhn
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FaGxDLZHQg2R9Nq9RISCckhn
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=dd81a6c3-1df1-4e88-a46c-87c04117c7db
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=dd81a6c3-1df1-4e88-a46c-87c04117c7db
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=dd81a6c3-1df1-4e88-a46c-87c04117c7db
Date
Sat, 01 Oct 2022 11:29:55 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A483
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=7056126096
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3&google_hm=YzUxN2M4NTktMjEzZC00YWUyLTgzNGUtMWMyYTAyMjg2...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFbkZIUM9xrON573cI9WSoA&google_cver=1&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
date
Sat, 01 Oct 2022 11:29:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX399b662335a547a79e2ffda9227d4571004
content-type
text/html
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1973209965569779417
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1973209965569779417
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1973209965569779417
Date
Sat, 01 Oct 2022 11:29:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=f3206ff4-db54-4473-a11d-cc170a0d2c5f
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=f3206ff4-db54-4473-a11d-cc170a0d2c5f
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-30
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=f3206ff4-db54-4473-a11d-cc170a0d2c5f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3639%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMj...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=7ad4dd01-b844-4b04-a803-83a2bda545b5&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2...
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3By...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8zNjM5P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOL...
  • https://prebid.a-mo.net/cchain/0/3639?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=...
  • https://ads.servenobid.com/sync?pid=327&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=73a14bd1-6a49-4cf4-8290-591dcce62202&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 01 Oct 2022 11:29:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRz...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4425%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D73a14bd1-6a49-4cf4-8290-591dcce62...
  • https://prebid.a-mo.net/cchain/0/4425?gdpr=0&gdpr_consent=&us_privacy=&A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=adform&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzAwTkRBM...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNDQwNDhiZDYtZDAzNy0zNjIyLWEyM2UtYWVmM...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMj...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=1f464d14-05ee-40ea-a166-3b91b9662be6&r=Cid1YS00NDA0OGJkNi1kMDM3LTM2MjItYTIzZS1hZWYzN2NlMjZjYjQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0Ni...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-44048bd6-d037-3622-a23e-aef37ce26cb4
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-44048bd6-d037-3622-a23e-aef37ce26cb4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-44048bd6-d037-3622-a23e-aef37ce26cb4
pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame A483
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
index_120x600_google_atlas_P_1.png
s0.2mdn.net/sadbundle/4942068020373019979/images/ Frame 3EE4 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/images/index_120x600_google_atlas_P_1.png
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63681
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 11:29:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 87CF 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsug_NAgU4ZWbe8kv0bgXEtxlhbtMsyVPGAZHG-RthP67AP-3AB7tuvKv79R6hTTkrsj7_0UXFtHvCT09kPJrchXfQwkVFGr6Nc7xXbQLUvwoLaCEMmG7hB_f9LM-abWHt34ql1B_IIC8c0BEW9V6w7IIKG6X2c64fHp5aljglPP5NyLSXglJC98k-Jseli9axDJS7R-U2jQjKT0hvNOfmfWBvMDD3eUDRqYRwOMYZqmWxn54v_OhZHQJXZzfwRKmO68t3admsiPU80-LYUl_jqX_RvvS-jHMMTN0FwqeblGbOtQtH9XuHjCbGFB-zz1WxcpxmE3WVSOPLg28GfbfqcV1XJreI53bH2Xqg-yq8BuItyxVh196wqKrwh2Dxh3yYf09uUIAzRtTzXwaxLUi87yz-XGbrgXAjxeMEYoMo-SjTtf2khAi2UF7JVrfTQ8B9cD4U2jbkr6uDmEbNGvlRqckTa9OFYZ3LZyzemh1NqTOXv9XvkUXBB1-UTCVxEN-6pm6-JJfQ8w_I380o8K_Ek1wtWCAN2GnCcmW6DrY0p51oIr3X_gJ0bfrsL2MzrYbTS8Jr7vwd8Y9jH8Q_y-8xtkiQfD_acBHn1OZzwIsQuky6gbMqbY5MVuvYPPpxPqSvYro8ttB-h-sreqETJEqDHVE9-XUMDdOOsujJtH_V2PWYlAXJA2uzV_GIXdtjDg_KmDGjM08PDaXe6wv1IikfXbeCugDSdMvcW51m_0YFaqTjMiq8xWv1QZUpT6UL-WLWMmEcJkvJEUKHXsAPL-znx4LpvXjtl-KfL6dpZczG_2HDE0rxmRAVk4bvgClV6eW2teEefby33cpR-LWLMNRfUDZfi0gw5zFUgWXEkRlhLRPSxwbJvktwNC8dAPudRlJd_fyWI_zFQhl6JzIH-3e2IEgTfuuZmI3jl9Ty7aBtsjPUnfTZlyssJOONC9ShUY_emzRqXL1TY1qSp1zLmIiP87NUQWTNhD3R4azfW5RikWn8G_eIUA5fs_nFWk9kLZ97_QSFPucjhSOBz0ygX5De1apeA1Sh9jKhfEGbdKZrOEobcvwr8PaiiwTRcmsSkaE7VdIAHGQ-BOl7l5arHukeDSZrpuH1lVkqm3tAC9YUmmBUF7U5vAyiF3Jg4ecvsahhiB0iznuVr34gXglaCpYUv3_hgskZecLbVQx_ooUVdpgwi0ZFAFjFFhte7lKOQqDkQXuYkN3FZ_OKg-aIc2mmbLV-nbGiQKy2fsr409w4PnRsl5-qUh7460fWZMgnyq06vGk_3wg4q1GWo9ttEXIigjR5fX6FKMLPtaChtLXANV3rtinFyv4YKpat8vbr-8mg&sai=AMfl-YRs3vP7-2GF6khrMW8HBvUsxKIVCOBKDSkEYOmhWgKpSGVYoXwsdQ_DoYySjHe9hfqjm7I3QKukcQWEhqYsIayLioWGQc8IenBI7NV0gc4qiO6BsgXBeKvCGl-tdj5jHKt44iUyjFYkbEtH5izm-oeh-uPVwcK4FEHGaW0RLfhh4onI0y8mkAlHbNZSSeQupwp21W0j5rh980r0BVNv0L-a&sig=Cg0ArKJSzD7HUISMLPLfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2103&vt=11&dtpt=1248&dett=3&cstd=852&cisv=r20220928.10089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame DFF7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25052
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 18:27:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FC2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
43 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqnHx9z3%2B%2FB%2BhhsQPyU%2BFi7Fvnzd%2BRU2yXsWsIcNry%2BiTxDqtr%2BO0P1Lwpy7vPVOHxG3m2I%2F%2B2pZvtUkP%2F2iXMoHqQ1o%2BmJ70P%2Fg61sKDI7XV%2BxILSRQhFG44LeoHSZB1uSd05I1Q9%2BhFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd005eedaad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 5FC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEAEWrcdoBl8MnuhyK5S1I&google_cver=1
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEAEWrcdoBl8MnuhyK5S1I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3qL4LYYyoMRVHkKJprJR9B0b9oWzfF1xq5p1lNF7H0ztt8lrL%2FyHQvUMgNohFHQXicYR8cJnVZAAHoyAYDxeYPl6%2ByVNowrMO0JzJ3iwsna2N4ZKUQ11JQdKK20Oi7XnSdk8NyGs5C75Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd019e71a835-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEAEWrcdoBl8MnuhyK5S1I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5FC2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6HYPYNJ9PT5RWWGMQ61W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5FC2 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.166.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-166-252.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5FC2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.142.166.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-166-252.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tp_out
d.adroll.com/cm/index/ Frame 5FC2 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.38.64 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-38-64.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 5FC2
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_633824b3df0a1&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_633824b3df0a1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_633824b3df0a1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCY47mcn9DDMk7Bbgngi0A35ltclU3zK3Xaf8hlf%2BzKXORp6OCkRskbEHI9VnJlICao1ssgUNLx0hchJVjlvIL7fePAzFM1Q1dwSG6gcxNGJHb9icQ0LdA2ywKPIJMWerOKTLdtu9abqUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd074e1faad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 01 Oct 2022 11:29:56 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_633824b3df0a1
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 5FC2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76ed6338-24b0-4800-bca5-671c290429af
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76ed6338-24b0-4800-bca5-671c290429af
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6rKwhbLHF81Roycpa%2FAZ5YqhvBWd29HV4PtTR4HcF%2BQk6prLPHwc7XvLDNjYL%2FDS8swmuzUkyFQRwSTNf2D4nwozz6niek5WPCXyecgPzmtgjLtAUKwq2qvZ8KV%2FcfxXFD07InlLrmuiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd018847aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Server
MT3 4525 e1952b7 master hkg-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76ed6338-24b0-4800-bca5-671c290429af
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 Oct 2022 11:29:54 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5FC2 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzgksIzwkGH2s7rQXrj5agAA%264758
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
151
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7534dd010b6ca883-SYD
content-length
43
expires
Sat, 01 Oct 2022 15:29:55 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9s0&_p=1285&cid=2018508922.1664623790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664623790&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&dt=%E5%BC%B7%E5%B0%BC%E6%88%B4%E6%99%AE%E7%94%B7%E7%A5%9E%E3%80%8C%E6%BF%80%E8%80%8113%E6%AD%B2%E3%80%8D%E3%80%80%E5%8F%AF%E8%83%BD%E5%8E%9F%E5%9B%A0%E6%9B%9D%E5%85%89%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/imp/8/115740;4168949;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN728x90/ Frame EBCF 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115740;4168949;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.bg3.co&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.bg3.co%2F&ft_section=__56696422625813650822920993803629323163&cachebuster=232702.06925997572
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app9.syd11 /
Resource Hash
ac2227e87edf050a6e16cf84350a83ce65e3758e0603d843d8df01e5165a40e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
Server
prod-xre-app9.syd11
X-HW
1664623795.dop020.sy2.t,1664623795.cds201.sy2.shn,1664623795.dop020.sy2.t,1664623795.cds205.sy2.sc,1664623795.cds205.sy2.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1503
Expires
Fri, 01 Jan 1990 00:00:00 GMT
index_120x600_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/4942068020373019979/images/ Frame 3EE4 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4942068020373019979/images/index_120x600_google_atlas_NP_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4942068020373019979/index_120x600_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69447
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:11:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 11:29:55 GMT
/
servedby.flashtalking.com/imp/8/115740;4168947;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN300x250/ Frame 3777 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115740;4168947;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.bg3.co&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.bg3.co%2F&ft_section=__56696422625813650822920993803629323163&cachebuster=77083.42391017053
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app9.syd11 /
Resource Hash
a168042ba9f591623b31c57fa168fdaffc16eef612ef857bf51350d863755428

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
Server
prod-xre-app9.syd11
X-HW
1664623795.dop020.sy2.t,1664623795.cds020.sy2.shn,1664623795.dop020.sy2.t,1664623795.cds206.sy2.sc,1664623795.cds206.sy2.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1502
Expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame B7DD 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C328
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:55 GMT
Expires
Sat, 01 Oct 2022 11:29:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4525 e1952b7 master hkg-pixel-x7 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AE34 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10162-SYD
x-timer
S1664623795.437396,VS0,VE0
setuid
prebid.a-mo.net/ Frame 6F74
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x9m1skr4q2s
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-850...
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 01 Oct 2022 11:29:55 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
7

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 01 Oct 2022 11:29:56 GMT
location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 141D
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kxcGQtQEBBSXnUDcsyQ4Yw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 01 Oct 2022 11:29:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 01 Oct 2022 11:29:56 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A000 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:55 GMT
Pragma
no-cache
Server
nginx
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame B758 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Sat, 01 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
340221
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame F9DB
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=100209cc1f2c4b7387ee01622b6005ea
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=100209cc1f2c4b7387ee01622b6005ea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sat, 01 Oct 2022 11:29:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=100209cc1f2c4b7387ee01622b6005ea
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame A1B8 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.32.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sat, 01 Oct 2022 11:29:56 GMT
RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
sync.targeting.unrulymedia.com/csync/ Frame A8E6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=1317240197
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2758cffc-5454-4779-a5c9-09a00ea249e1&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
43
date
Sat, 01 Oct 2022 11:29:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 01 Oct 2022 11:29:57 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame C2D8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FYSE5HS21OEAGS5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FYSE5HS21OEAGS5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 01 Oct 2022 11:29:54 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FYSE5HS21OEAGS5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-061340171d1604405@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
setuid
prebid.a-mo.net/ Frame E68B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5fc2e776-417c-11ed-8ed9-1f1deff20cfe
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-850...
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 01 Oct 2022 11:29:56 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 01 Oct 2022 11:29:56 GMT
location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4FDC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10166-SYD
x-timer
S1664623796.642896,VS0,VE133

Redirect headers

accept-ranges
bytes
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10166-SYD
x-timer
S1664623795.445013,VS0,VE95
x-vcl-time-ms
95
i.match
s.tribalfusion.com/z/ Frame A370
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.11 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7534dd034deca876-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7534dd018c91a876-SYD
content-type
text/html
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
514
cookiesync
core.iprom.net/ Frame 6BA3 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:56 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-ce6190366d4a@version_1.527
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame 4380 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7534dd018adbab0b-SYD
date
Sat, 01 Oct 2022 11:29:55 GMT
server
cloudflare
141
match.deepintent.com/usersync/ Frame FA31 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
server
a
cksync.php
contextual.media.net/ Frame A48F 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3076253916830339000V10&type=pba&refUrl=&vid=46237939413076253916830339000V10&ovsid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Sat, 01 Oct 2022 11:29:55 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120042
accept-ranges
bytes
content-length
5549
expires
Sun, 02 Oct 2022 20:50:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame A1CC
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDhEODVFNURDLTA4RkEtNEZGMC1BMjRCLTg1MDE2QjBGNkU2NBAAGg0Is8ngmQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=71230d1174ee7b3cbccd39b09523df4bb88beede8e34d363a5f688161a89d0ad791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MTIzMGQxMTc0ZWU3YjNjYmNjZDM5YjA5NTIzZGY0YmI4OGJlZWRlOGUzNGQzNjNhNWY2ODgxNjFhODlkMGFkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MTIzMGQxMTc0ZWU3YjNjYmNjZDM5YjA5NTIzZGY0YmI4OGJlZWRlOGUzNGQzNjNhNWY2ODgxNjFhODlkMGFkNzkxNDI2YjU0MTdkY2UyMRAAGgwItMngmQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=e0193312-ab58-4b1d-9c17-87147c76a43f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=e0193312-ab58-4b1d-9c17-87147c76a43f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=e0193312-ab58-4b1d-9c17-87147c76a43f
date
Sat, 01 Oct 2022 11:29:57 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ed6338-24b0-4800-bca5-671c290429af
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ed6338-24b0-4800-bca5-671c290429af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Server
MT3 4525 e1952b7 master hkg-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ed6338-24b0-4800-bca5-671c290429af
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 Oct 2022 11:29:54 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEQ4NUU1REMtMDhGQS00RkYwLUEyNEItODUwMTZCMEY2RTY0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBozjSKqMhSVECGeGEc5VPY&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBozjSKqMhSVECGeGEc5VPY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBozjSKqMhSVECGeGEc5VPY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A1CC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8D85E5DC-08FA-4FF0-A24B-85016B0F6E64?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.166.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-166-252.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2072648366779668424&gdpr=0&gdpr_consent=
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2072648366779668424&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
f54d0228-4520-47df-aeba-5ca4a9f92299
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2072648366779668424&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6c560b16-36bc-46be-983e-654602179631&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c517c859-213d-4ae2-834e-1c2a02286ba3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 01 Oct 2022 11:29:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZR71t1xE2uXOLhQCOLSnF1GolXtQOrg-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZR71t1xE2uXOLhQCOLSnF1GolXtQOrg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZR71t1xE2uXOLhQCOLSnF1GolXtQOrg-~A&gdpr=0&gdpr_consent=
date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame A1CC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5401464212225013440
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D73a14bd1-6a49-4cf4-8290-591dcce62202%26bidder%3Dpubmatic%26uid%3D8D85E5DC-08FA-4FF0-A24B-850...
  • https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=73a14bd1-6a49-4cf4-8290-591dcce62202&bidder=pubmatic&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
1 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9043219101811047819&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2072648366779668424
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2072648366779668424
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
AN-X-Request-Uuid
cfd0e029-c7a6-42b6-af95-0543bd0f4280
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A1CC
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1798968b8481b22&is_secure=true&networkId=17100&version=1&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJo70hm_7_NAMDUFRTAAAAAAA&expiration=1664710196&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJo70hm_7_NAMDUFRTAAAAAAA&expiration=1664710196&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJo70hm_7_NAMDUFRTAAAAAAA&expiration=1664710196&nuid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame A1CC 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.48.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-48-215.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
crum
dsum-sec.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2072648366779668424
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2072648366779668424
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzJ18%2BntFHSVA114QcAVkbDg6BHd3FaVo1m1uKgDMVNxHQKKZ7tUV63fevlkhaiQQJiutZzUl%2BE7EECApcP4zkgXKY%2B984WuKwSMvUcmjri0oTEsKdSiW%2F3Ih9xGZNzPPfBQTOn%2BO7Qt%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd052bfcaad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
9453ba18-2118-405e-b2a2-78550d8c3a91
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAZXNk7GcEkAAB9PjJRaeA&expiration=1665833396
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAZXNk7GcEkAAB9PjJRaeA&expiration=1665833396
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka9RgWVwUxLPG%2FWr1KVitfXZ0xq7mV8UDgt3gOiiUNjrwZOiSmNQNcuvT8f%2Fo1C2YfXpzVMSvWymZLOvyxBGloG2a%2BR7vH3%2FALy6NpJH8g9mGMfPkdScdH7b4d5hZPvaS818NAG6OcTRBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd091fa1aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAZXNk7GcEkAAB9PjJRaeA&expiration=1665833396
Date
Sat, 01 Oct 2022 11:29:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3D68 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664623795.437534,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10162-SYD
rum
dsum-sec.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9043219101811047819
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9043219101811047819
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYWSG7kg9NBQmEPbrcyAyixPuFm08jTUIKgT9b7NZdV6%2Bh7DDJNQfxe3fQGi4ePC4IV%2FJuVqK2r1sHsk%2BmuOodKTSaSQaGiR6buFk0WA1mVT1pbrC60NlOJEm5hmkKzJc2y1UQb%2FBPFQWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd02592daad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9043219101811047819
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2Z2VGQ2GC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=gU44aKoIYdcgRJmSt6ri
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=gU44aKoIYdcgRJmSt6ri
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI%2B4kVGZapaCXAkme8GhGvL%2F%2FCcU7iVGWAfkKxbGv5a2kmhXJy2BbPXJKc%2Bz5hfwOJIn4ARHGE5nvJRabaxX4tOkeintomejz16FWHMxexVaOk0KtC6MqlVwxliVPiD20KiEMFytrxpN1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd073e0faad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=gU44aKoIYdcgRJmSt6ri
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYc2AOYB5oX2QO0wC2j6W5C6VRHxDbeSTWqje05OYB1pFAjsJT5nlYvQ2Uwpltv8p%2Bs0u7kHHYvUBiTh3H%2B8St0CW%2Fgynsu9xmhSqvClyz%2F%2Fgr%2Fq55OZLKifGVBVi7erIlIqmElD7rpCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd012fdbaad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&expiration=1667215795&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
ibs:dpid=23728&dpuuid=YzgksIzwkGH2s7rQXrj5agAA%264758
dpm.demdex.net/ Frame 3D68 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzgksIzwkGH2s7rQXrj5agAA%264758?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.254.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-254-183.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v040-0e6fde70a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0+gGopQcR1w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 3D68
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2072648366779668424
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2072648366779668424
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXJWwvBgz2VcDxt%2B%2B7TjTmHOe0Axw9KH7bwBXAAx%2FE%2FPe1B6vinQ9uKqFet4rmIuRuWtP%2F1gYa1RiCNwexk%2BElFvrs1I0h%2BCkBRxAoZA7LueWv2pBCa0edrjFu%2BIltFBtcus1G7P"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd039cf7aacf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
5889d1de-30c8-403d-a7c3-342ebe8713a4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3D68 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cksync.php
contextual.media.net/ Frame DFF7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8PU0VI1-22-89WR
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8PU0VI1-22-89WR
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8PU0VI1-22-89WR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
184.25.220.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 01 Oct 2022 11:29:55 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8PU0VI1-22-89WR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
usync.js
eus.rubiconproject.com/ Frame C23B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25052
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 18:27:27 GMT
sync
ads.servenobid.com/ Frame F29D 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6873485177772978593&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:59 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F29D
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55
43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
csync.loopme.me/ Frame F29D 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7534dd025bc5ab0b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame F29D
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6873485177772978593&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6873485177772978593&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=6873485177772978593&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame F29D 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664623796.574182,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10162-SYD
async_usersync
ib.adnxs.com/ Frame B8CD 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:55 GMT
AN-X-Request-Uuid
53d980c7-574a-40ef-936a-301e0a7e0f78
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j-4168949-3972320.js
cdn.flashtalking.com/xre/416/4168949/3972320/js/ Frame EBCF 		93 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/416/4168949/3972320/js/j-4168949-3972320.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115740;4168949;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.bg3.co&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.bg3.co%2F&ft_section=__56696422625813650822920993803629323163&cachebuster=232702.06925997572
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
13c48bf924bd5e2b83788394183c974a9b6d05ab89d7949e20f5d053b93258a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Encoding
gzip
x-amz-request-id
YXT5PJWNVKDZBVQ5
Connection
Keep-Alive
Content-Length
24445
x-amz-id-2
AvkTaolAWS5m8jF1oD4JR6ULGGbO5h/PruWAPwboHb11gvOy9kF9W0PxgxXXkz/3zf4VVUeySFk=
Last-Modified
Mon, 18 Jul 2022 22:37:13 GMT
ETag
W/"11f1b0624045926206456b99b610bac9"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds206.sy2.shn,1664623795.cds206.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=740
Accept-Ranges
bytes
j-4168947-3972322.js
cdn.flashtalking.com/xre/416/4168947/3972322/js/ Frame 3777 		93 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115740;4168947;201;js;DV360;DV360FY20EDUBEHAffinityAUDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.bg3.co&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.bg3.co%2F&ft_section=__56696422625813650822920993803629323163&cachebuster=77083.42391017053
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
837945ba8481c74c635f622d9a07572ad7c231493893bde3996a9c5c7ff3aeec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:55 GMT
Content-Encoding
gzip
x-amz-request-id
6H1DN11R507M83PH
Connection
Keep-Alive
Content-Length
24447
x-amz-id-2
Hy5MeTBwL0SvfzUnl2Xx6rt+6MlUKckFldopcJDXzuGj1kp82VpcgI1llh45L4I6DeByh9ubRTA=
Last-Modified
Mon, 18 Jul 2022 22:37:26 GMT
ETag
W/"36a2190c7ad710c4e47fe53073703ec2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623795.dop020.sy2.t,1664623795.cds207.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=687
Accept-Ranges
bytes
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2072648366779668424
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2072648366779668424
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
AN-X-Request-Uuid
a2b485cf-e43c-46fb-a4a0-05014983a60b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=2072648366779668424
Connection
keep-alive
X-Proxy-Origin
173.245.209.111; 173.245.209.111; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_715bfe67-7186-4deb-a640-bcd6732ed31b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6c560b16-36bc-46be-983e-654602179631&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=c517c859-213d-4ae2-834e-1c2a02286ba3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=c517c859-213d-4ae2-834e-1c2a02286ba3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=c517c859-213d-4ae2-834e-1c2a02286ba3
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame F1E2
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_715bfe67-7186-4deb-a640-bcd6732ed31b&obuid=ENC(ksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inA...
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsFBVzdTioifkQqVi6AyXnPO3HUD%2Frh%2FaKpOz9n5dIB5VW%2Fx9FcxHdStYcsk7JoKy73gL8YH17yP%2B%2FY0bI0R4VcIbDCbWKanc%2Bzqcm9kjLrPvgcyYfMnLoeBMk14Nhz2k4oOLzfIM43jdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7534dd10ee71a835-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3Dksct2HXYPINH6VGfAHaQhdBo8tR6AqLHh7G0fFcf4inAO-wxAEAfYEmKJWT4AZHy%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Date
Sat, 01 Oct 2022 11:29:57 GMT
X-TraceId
d96383247cebf241f4463c4051fe0cab
Content-Length
0
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=982f916c-44e7-44a2-88bb-216a672ab347
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=982f916c-44e7-44a2-88bb-216a672ab347
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 01 Oct 2022 11:29:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=982f916c-44e7-44a2-88bb-216a672ab347
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3faf5242-7290-400b-68fb-4b2ccf8c152f$ip$173.245.209.111
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3faf5242-7290-400b-68fb-4b2ccf8c152f$ip$173.245.209.111
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3faf5242-7290-400b-68fb-4b2ccf8c152f$ip$173.245.209.111
Date
Sat, 01 Oct 2022 11:29:56 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-xB2.bghE2pcvNboM7lXJeIuKYfbxU8IioDNH~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-xB2.bghE2pcvNboM7lXJeIuKYfbxU8IioDNH~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 01 Oct 2022 11:29:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-xB2.bghE2pcvNboM7lXJeIuKYfbxU8IioDNH~A
content-length
0
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9da30d26-9013-47a7-947b-a84377667183
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9da30d26-9013-47a7-947b-a84377667183
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9da30d26-9013-47a7-947b-a84377667183
Date
Sat, 01 Oct 2022 11:29:56 GMT
Connection
keep-alive
X-CI-RTID
9d627668-ae35-455c-9fde-79360885e44b
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame F1E2 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
848840040
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame F1E2 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_715bfe67-7186-4deb-a640-bcd6732ed31b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=gU44aKoIYdcgRJmSt6ri&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z2VGQ2GCS3PJFMWIY3HKJFG2U3UGZZGS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gU44aKoIYdcgRJmSt6ri&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gU44aKoIYdcgRJmSt6ri&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gU44aKoIYdcgRJmSt6ri&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=90e3369f-9787-4a86-846e-f09c73e2c0d6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=90e3369f-9787-4a86-846e-f09c73e2c0d6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=90e3369f-9787-4a86-846e-f09c73e2c0d6
access-control-allow-origin
*
date
Sat, 01 Oct 2022 11:29:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
sync.targeting.unrulymedia.com/csync/ Frame F1E2
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004&rndcb=4871731470
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=c517c859-213d-4ae2-834e-1c2a02286ba3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=c517c859-213d-4ae2-834e-1c2a02286ba3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=994fa61a-1762-4b77-8d61-a867ac0d54bc&user_group=1&ssp=adconductor&bsw_param=c517c859-213d-4ae2-834e-1c2a02286ba3
  • https://sync.1rx.io/usersync/bidswitch/c517c859-213d-4ae2-834e-1c2a02286ba3?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:58 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=KZDgWR6Ir1kd&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=KZDgWR6Ir1kd&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=KZDgWR6Ir1kd&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-554bd45949-fgw9h
expires
-1
usersync
usersync.gumgum.com/ Frame F1E2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6873485177772978593
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6873485177772978593
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6873485177772978593
date
Sat, 01 Oct 2022 11:29:55 GMT
content-length
0
sync
ads.servenobid.com/ Frame F1E2 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_715bfe67-7186-4deb-a640-bcd6732ed31b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 8013
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:55 GMT
Expires
Sat, 01 Oct 2022 11:29:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4525 e1952b7 master hkg-pixel-x21 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=76ed6338-24b0-4800-bca5-671c290429af&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 591C 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10162-SYD
x-timer
S1664623796.735858,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 2363 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV83MTViZmU2Ny03MTg2LTRkZWItYTY0MC1iY2Q2NzMyZWQzMWI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4225 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120042
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 01 Oct 2022 11:29:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 02 Oct 2022 20:50:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 2923
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 01 Oct 2022 11:29:55 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 3AAF 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-238-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 01 Oct 2022 11:29:55 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 8D8D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YzgksMCo8X8AAG-4u3UAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YzgksMCo8X8AAG-4u3UAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 01 Oct 2022 11:29:55 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YzgksMCo8X8AAG-4u3UAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
9
X-SO-HostName
m-ad169.dc4p.scaleout.jp
X-SO-IP
173.245.209.111
X-SO-Key
YzgksMCo8X8AAG-4u3UAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":9,"gdpr":false,"ipv4":"173.245.209.111","key":"YzgksMCo8X8AAG-4u3UAAAAA","privacy_sensitive":false,"uid":"YzgksMCo8X8AAG-4u3UAAAAA","upstream_id":"m-ad169"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-UID
YzgksMCo8X8AAG-4u3UAAAAA
X-SO-Upstream-ID
m-ad169
usersync
usersync.gumgum.com/ Frame 2F06
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YzgksIzwkGH2s7rQXrj5agAA%264758
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YzgksIzwkGH2s7rQXrj5agAA%264758
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7534dd036839a835-SYD
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YzgksIzwkGH2s7rQXrj5agAA%264758
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWHOvwHebHcqDS8csXn%2Bpmv2mlN0FlwSBxvWyzJ8c0wVHFHr13MjcgqvRihW1zep8QnMhCMoakaSqyu3ZJNNPvCVdF5xYeYQw807ctBalyrI8Tlblwo5wKh2wSvYozhhiwI8A7wx8fmljw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6D4C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=pxcF2x64uoLiTLWnoEml&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=pxcF2x64uoLiTLWnoEml&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 01 Oct 2022 11:29:57 GMT Sat, 01 Oct 2022 11:29:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=pxcF2x64uoLiTLWnoEml&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6590
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Oct 2022 11:29:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 01 Oct 2022 11:29:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame C23B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8PU0VI1-22-89WR
  • https://ads.servenobid.com/sync?pid=323&uid=L8PU0VI1-22-89WR
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L8PU0VI1-22-89WR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=L8PU0VI1-22-89WR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 958B 		103 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
d8e22455bbcacff9efa92b641e802640b6292cf6e2cfc86d64430340edad5051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33573
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:29:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
d9core
d9.flashtalking.com/ Frame EBCF 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168949/3972320/js/j-4168949-3972320.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
9fcc897197316a84c3d467aef4a6ed8f6e984729e6f1e10c3b8a3c919147fd6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
index.html
cdn.flashtalking.com/155251/3972320/ Frame DA81 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972320/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168949/3972320/js/j-4168949-3972320.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f02c5bfd1552e5ae37ca5c520f5ba626ce7c63338edda5ef59b0a3576579be4a

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=352
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1672
Content-Type
text/html
Date
Sat, 01 Oct 2022 11:29:56 GMT
ETag
W/"009a3715fa515186ae0c7f8b6cab0909"
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds023.sy2.c
x-amz-id-2
Shlzhb2D9M1ViocKugfxQR3f9PK7MVMmtwZT/kPhAjH8JjEXGeJP8j4u6ryGU5VvLqaSsLJY1WY=
x-amz-request-id
3GP6TKZH3D06HMRR
dvtp_src.js
cdn.doubleverify.com/ Frame EBCF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115740&sid=18330&plc=4168949&num=&adid=&advid=&adsrv=29&btreg=4168949&btadsrv=flashtalking&crt=3972320&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=4B52E36A-6A99-2CF5-890A-5A90A7AFBA67&auevent=&63634328
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168949/3972320/js/j-4168949-3972320.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
iconc.png
secure.flashtalking.com/oba/icon/ Frame EBCF 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
21059154 9594529
Content-Type
image/png
Cache-Control
max-age=982531
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Wed, 12 Oct 2022 20:25:27 GMT
d9core
d9.flashtalking.com/ Frame 3777 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
0e43d251a2b34d28c2cf166a8d2a91c216bb48f3263bebe0e7d272721a5e7032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
index.html
cdn.flashtalking.com/155251/3972322/ Frame 5C5A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972322/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d74da575f4e334741bcbfe7a2ac482930ced39399e1801e20311a60074cbc9d1

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=45
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1673
Content-Type
text/html
Date
Sat, 01 Oct 2022 11:29:56 GMT
ETag
W/"8e057901d7913a3f365f531c4eeec7bf"
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
X-HW
1664623795.dop020.sy2.t,1664623796.cds206.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds201.sy2.c
x-amz-id-2
bsrSX8SOh05UaNFcoFLC/gABYBFr9rvMU2fidNZyK0b8ljDam+MVRcUby2Q+3Jqg4PE6B+PeMog=
x-amz-request-id
XP1KCE38TKQXEYAP
dvtp_src.js
cdn.doubleverify.com/ Frame 3777 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115740&sid=18330&plc=4168947&num=&adid=&advid=&adsrv=29&btreg=4168947&btadsrv=flashtalking&crt=3972322&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=CA37A905-B4C6-5693-F348-A56CD1A7E8CF&auevent=&718808733
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
iconc.png
secure.flashtalking.com/oba/icon/ Frame 3777 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
21059154 9594529
Content-Type
image/png
Cache-Control
max-age=982531
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Wed, 12 Oct 2022 20:25:27 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame B629 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 66E8 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements3094.js
cdn.doubleverify.com/ Frame D699 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AB20 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3777 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98a65e9ad41e5e4582d6013091bac9d7cdfe8c93cd3454437ff75df748fe509e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EBCF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efea86161d7be5a95315a2ef8adb1551a064063f3272a3319746d8ac3e380bde

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
createjs.min.js
cdn.flashtalking.com/frameworks/js/createjs/1.0.0/ Frame DA81 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/1.0.0/createjs.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972320/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
5CVTRT57XV7N2A4X
Connection
Keep-Alive
Content-Length
63757
x-amz-id-2
GMFvsmzdgoecb74NxGBm6lWZwDOfDnMtt4sx6TqNs7lLXAEPheJUw9EbkdyaGKVO77q77fEhMj4=
Last-Modified
Wed, 11 Apr 2018 19:26:47 GMT
ETag
W/"c71464532c0fc2020d8e8667ecfd9a3f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623796.cds206.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds201.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=48044
Accept-Ranges
bytes
FY22Q3_CC_Student_Blank_ANZ_EN_DCOHowtoresume_ROI_AN_728x90.js
cdn.flashtalking.com/155251/3972320/ Frame DA81 		51 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972320/FY22Q3_CC_Student_Blank_ANZ_EN_DCOHowtoresume_ROI_AN_728x90.js?1653659834753
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972320/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e9f7ee4f72ff576cf6fe4f7be74f474e0926110379781727785f23ad2203610b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
7B9SQ585MFXRQB3D
Connection
Keep-Alive
Content-Length
9729
x-amz-id-2
Ryif0ZT1csQb4y+IkYmHIZdJXBnGCs3aWADgD9+7KimPiJmdOiWbi6APUg5mQlMh/qaodYkguuE=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"ac153aca9df5c64edbbf36e66b069b68"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds015.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=626
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame DA81 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972320/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
3TCBS060WZS3K5YE
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
y/KMo9ui0cDzLsCXZOUlDzNSucIUxeesscyZCCI1GaXpCTMKX7RPBEeKdCCe8DoJT5JY+vbRK4k=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
W/"232f021c7925a065046f63511f376193"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds015.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=10081
Accept-Ranges
bytes
createjs.min.js
cdn.flashtalking.com/frameworks/js/createjs/1.0.0/ Frame 5C5A 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/createjs/1.0.0/createjs.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972322/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
5C157858F082CB87
Connection
Keep-Alive
Content-Length
63757
x-amz-id-2
iYRojEqrGkRA+J3OeTr41iWF7rGs4kyf9OSLqx5IKkVHWqGZt5inZvPstyGqWe9p09aHAaXr2F4=
Last-Modified
Wed, 11 Apr 2018 19:26:47 GMT
ETag
W/"c71464532c0fc2020d8e8667ecfd9a3f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623796.dop020.sy2.t,1664623796.cds023.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=64547
Accept-Ranges
bytes
FY22Q3_CC_Student_Blank_ANZ_EN_DCOHowtoresume_ROI_AN_300x250.js
cdn.flashtalking.com/155251/3972322/ Frame 5C5A 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972322/FY22Q3_CC_Student_Blank_ANZ_EN_DCOHowtoresume_ROI_AN_300x250.js?1653659805975
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972322/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
857f6334cc515a921f6fafb0c1593db4f159be579213395388a0736a8e04d9f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
11442V1C9KV914RX
Connection
Keep-Alive
Content-Length
9891
x-amz-id-2
dHDl9cHPpv+PeZ1+ruPHP/L40o/uJ1hRPfIis4V4zRHiAN4VDunTHq+O0TzegLm2nfHUraaBlpQ=
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
ETag
W/"0c27fdcfb314baf877ed500c4f176365"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623796.dop020.sy2.t,1664623796.cds015.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=622
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 5C5A 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155251/3972322/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
3TCBS060WZS3K5YE
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
y/KMo9ui0cDzLsCXZOUlDzNSucIUxeesscyZCCI1GaXpCTMKX7RPBEeKdCCe8DoJT5JY+vbRK4k=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
W/"232f021c7925a065046f63511f376193"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623796.dop020.sy2.t,1664623796.cds015.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=10081
Accept-Ranges
bytes
usync.js
eus.rubiconproject.com/ Frame 6590 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25051
Connection
keep-alive
Content-Length
9421
Expires
Sat, 01 Oct 2022 18:27:27 GMT
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame EBCF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
19861047 19763068
Content-Type
image/png
Cache-Control
max-age=284
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Sat, 01 Oct 2022 11:34:40 GMT
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 3777 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/416/4168947/3972322/js/j-4168947-3972322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
19861047 19763068
Content-Type
image/png
Cache-Control
max-age=283
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Sat, 01 Oct 2022 11:34:40 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame 243F 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
dv-measurements3094.js
cdn.doubleverify.com/ Frame 800F 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.249.212 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-249-212.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
dpixel
cms.quantserve.com/ Frame 66E8 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExNAypDvUrNiceOZ4NyWsk&google_cver=1&google_push=AZmPxg-VKGxCbDVCMghrX9JVGgsexvCS3av4vzdCXNdsO49Gb0DAtZ5tulxD7gD9_2-pM6MtBG7zdQdmpAmEg5AjNOqqwF743MY
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 66E8
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irqfL7QIwr6zkLf9lViL0RsV&google_hm=EAIJzB8sS3OH7gFiK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irqfL7QIwr6zkLf9lViL0RsV&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg_3nwkT6OhfPw0Ahl3jWdPw5h-9o3gDrJbyns6HF_akjC-CqEqnWz5tQjNE_7NWMGwNJ-S_irqfL7QIwr6zkLf9lViL0RsV&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 66E8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC9w...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC9w5s-0sy2fpJtW-o8jlG40
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg8HQAU2ujPxseAECo9c9EoYCx0L1ghkMaqQLWn8jYRn4O7HH9ABlS5pZXQPcRJpnYt2lRCtmC9w5s-0sy2fpJtW-o8jlG40
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 66E8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P3s78CXICd30TImU&google_hm=Z1U0NGFLb0lZZGNnUkpt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P3s78CXICd30TImU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9e3yvhavuPyDvpOy3v1_hnVcvW_MRD3hhqKLMo8jxPRwvjrTtAbLIfvqxI-hDeEnCfJUT210IdYvQ-P3s78CXICd30TImU&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 66E8
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg_oQYHLRuYnYrqEaexaKswN1NlTyFlSiqAmkraSz69VwiHaykL9qhvverznLPx-e0a3r6q1igt8-tATyrAChh6n4EalGmke1Q&partner-tag=yandex_ag...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 16 Sep 2023 11:29:57 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 66E8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxDotWOcVRpwrP4uW_FwLCmJBLCpgFfcB7sNFbfo3CXIkOu5SrL75JuMMG
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame AB20 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExNAypDvUrNiceOZ4NyWsk&google_cver=1&google_push=AZmPxg-eAeNiA8Azbv8WILsOhEVSvmogHpd9oBe-CvQUdMwB2ErO4GlASL-y2LHjbodzyMVNERzE9_dzgFKt4moZiL4n3Pu0Joyn3PGzenGlafb8NecHzEGLK31LLLg3ZTmvoGND61xi0WzAuf3zji2doJ4
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB20
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEES2FtrR1s9AQtG9nC0u9vQ&google_cver=1&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvk...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvkJ1XwbDsxkf8hyNRlNFVSoNTzV4MfHO8m4sgucIgCZJdvfVhO9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvkJ1XwbDsxkf8hyNRlNFVSoNTzV4MfHO8m4sgucIgCZJdvfVhO9aHd-v4pOKMjyyhQAJVgORLIzrPw&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg9P6ZlOHumAD3LFiVk_7y21v2xsNAhw7xDxDy4HXugDWCJYO8bnt1m1GlPcnpR2GwvsqBS8nvkJ1XwbDsxkf8hyNRlNFVSoNTzV4MfHO8m4sgucIgCZJdvfVhO9aHd-v4pOKMjyyhQAJVgORLIzrPw&google_hm=EAIJzB8sS3OH7gFiK2AF6m8
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AB20
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPW5WgxpBInZhBmagY9rDo&google_cver=1&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuSmO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuSmOWHtD-KM3_xQz5cZx-zhLTxpdCn0yGZ_xWFQZPdqnPL8BOvxI1mUCCTK7et5IVLqiXhmf-l3_3Zc
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMTQ2NDIxMjIyNTAxMzQ0MA&google_push=AZmPxg-1T8qt8-z9dkeeIf_d1ZYvgIJXJLksXOpGmBi_WDIVbA1EgTwOW-zUbZ6CsK3aLBagbg3WuSmOWHtD-KM3_xQz5cZx-zhLTxpdCn0yGZ_xWFQZPdqnPL8BOvxI1mUCCTK7et5IVLqiXhmf-l3_3Zc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AB20
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPq4ZEhTrIewBhEOrzm0VP0&google_cver=1&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZM...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZMFmXLrRjchFnqmI1T9EQx-GDWxCtUfArh_l1HeUjh4jYIkG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZMFmXLrRjchFnqmI1T9EQx-GDWxCtUfArh_l1HeUjh4jYIkGjjY08AaHNgBGdOrEBagGY6_4&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9TlBYtrC6sK95JELZfu6sLpSdspLzr0VMp-e77l0gdp3FwTN6evOD-K2zimswnt_jZx4B5XMj4_87ZMFmXLrRjchFnqmI1T9EQx-GDWxCtUfArh_l1HeUjh4jYIkGjjY08AaHNgBGdOrEBagGY6_4&google_hm=Z1U0NGFLb0lZZGNnUkptU3Q2cmk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame AB20
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJKca8EJ0_RDS4L-n3Pq6u4?ext-param=AZmPxg_pdqMr_8k7PXWxjRxqUIVzfG2IccSVYuOCo3OkaN5CfzffFKehck3Y360VKDiEVsag3OWgf-aoSxQ6y0auwldVQ73b6YgnDNprWQOsuTecSudTWW-iNhM3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJKca8EJ0_RDS4L-n3Pq6u4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 16 Sep 2023 11:29:57 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AB20 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlN1CnNS01kQvQXey9yhSh72QH304jxSPOrXJr86li3LPJUBQdwVEDsw1Q
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
manifest.js
cdn.flashtalking.com/155251/3972320/ Frame DA81 		98 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972320/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ca2fec6d9168102da4b08fad54e45776c3ac91fead7a22ffbf0ff78c37e05b2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
F0Q0CBCWZE8Z7C9D
Connection
Keep-Alive
Content-Length
105
x-amz-id-2
ODQi/sWW96NPmVYtpcsj0927CkdgP5LMxi6doYgSv3MKTLivI8jOlpICmvK1Y9PQxBxzYgATAqw=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"21d18ebfda5d005e0fe378aaddd7e680"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds208.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=959
Accept-Ranges
bytes
usersync
usersync.gumgum.com/ Frame 6590
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8PU0VI1-22-89WR
  • https://usersync.gumgum.com/usersync?b=mag&i=L8PU0VI1-22-89WR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L8PU0VI1-22-89WR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L8PU0VI1-22-89WR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
adobe_logo.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/adobe_logo.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d20adf76c715169e72fb1fa7b38d824d44750ee988ce2c7d0e6555839d1eed81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
V48KS7FJMF64AZZ1
Connection
Keep-Alive
Content-Length
1329
x-amz-id-2
IxPdLtzXMMsOJy+UHLEO8zC4QGsoq1U458FBdcEn/rK3rfkozCHylc0Xw5dq2Lt0fUIDEKv7Qu4=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"9137bc3075cf822e7f88c7a6ea57eec5"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds023.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=615
Accept-Ranges
bytes
bg_black.jpg
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/bg_black.jpg?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
173ff1ab35c037a6316d982ee5e6abcf6751c8a39454585401b886a741d3b333

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
ZNDE80AFK0RN9NA6
Connection
Keep-Alive
Content-Length
2046
x-amz-id-2
nujNMlTRtdZnSxahUnUzDW8NvuUYVEMCTeAq6i2/sNS6Eu0fuaMiWu8Yimw1dqNER4McyfJ14S0=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"3239faa7029afa658cfc82fedd1bbf58"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623796.cds023.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=696
Accept-Ranges
bytes
manifest.js
cdn.flashtalking.com/155251/3972322/ Frame 5C5A 		99 B
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155251/3972322/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Content-Encoding
gzip
x-amz-request-id
YXS72M5FBTHAAE2S
Connection
Keep-Alive
Content-Length
105
x-amz-id-2
u+qUyF3otuFN1TfjLntZQ2oAtucUG86h0JPYHSoMpZWWnIYPWk82I5RO8vl92uHzceKe5zgqbkQ=
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
ETag
W/"9653645e0084283f027d77bb6ad852fe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623796.dop020.sy2.t,1664623796.cds201.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=632
Accept-Ranges
bytes
visit.js
tps.doubleverify.com/ Frame B629 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=691&ttfrms=34&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=4044&ddur=209&uid=1664623796858285&jsCallback=dvCallback_1664623796858875&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Feae788224dba35857150c6163776964a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=392&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0hWE6741yOO4XGrzR2RSibP&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209102335&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1027898668.0991373&dvp_tukv=412284.38097406796&dvp_uuid=428763060.85078675&dvp_strhd=0.20000004768371582&dvpx_strhd=0.20000004768371582&dvp_tuid=1499525902146
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f2867f449fe076e59c937c5077d34583e68348e51262cc9912bb642366fb7ea4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57
css
fonts.googleapis.com/ Frame 958B 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Oct 2022 11:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 01 Oct 2022 10:32:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Oct 2022 11:29:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 958B 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 08:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 08:13:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 958B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:27:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 958B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:26:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 958B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Oct 2022 10:46:30 GMT
l
www.google.com/ads/measurement/ Frame 958B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQraPsbQi5_SUpKOaHBi5p4pIMnaEVh8wBkq1xThxUfMSyviG4BRYjjJCsNEruDYVyKGkwF4e-DbE9G5bKpMcQt6tNDrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 958B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:29:57 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame 958B 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 29 Dec 2022 05:55:22 GMT
cv1.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv1.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
21f24c1c8d9c305c9ecf5328478aa9db3bfbde3521ce768aaa83b2feba23c68c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
ZW6FHNQBHWNPPSVG
ETag
W/"46f323ec53438a79d6d383fd6678ebf1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623796.dop020.sy2.t,1664623796.cds204.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=209
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5078
x-amz-id-2
raLuYVdO+G2ke4plTE9RqoaR21UEC9XqNydpX5q5bNU0V3em2sD4wnnrb4uYCtqOAAlbK5ak8go=
adview
googleads.g.doubleclick.net/pagead/ Frame 958B 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkFqHtCQ4Y8TIB9yNpt8P59KNuAKL6fW0ZoKl--OLDPfSor3AARABIM_m1XtgpYCAgJABoAGwuqHXA8gBCakCFoTab7hxsD6oAwHIA9sEqgSuAk_Q7Vzhe--S3wt0Kow634hs7oXi2So3W-fwxBTmty2Xa1cN_mbx_O4pSa0_3B7tKF0HeHYl3oWvKgRIMXFA0y5ijKDf2tk64S8pW7aXpMIYSE5YzqrnJbXAMu9he9_9aBnl5HWGjxtPAap7-mtTEvvXvlhtNVZXemGbbnMuIQg6ojIGgX6SY5_wuAwl00bKbMmthHqYQsU88RyrtEeRj3Fv1ot8S32nu6JfMG2FLbeGBmkdIH5PvetYmbc_QlgBlycOIthZDJZCf_hwbB5H5-Oks0lSUFbnPxxQtBGCgfQEpbuQJ6mHLjH-tiq8-RuEw9794dalmeEP4LToC_Xw5CSIIHVYKYrTrWQSYuxkmzP8dX-ZObbjvUCmlnKD1Eqge4_DUeQiM-VDO4_TG7ZEwAS939O6owOSBQQIBBgBkgUECAUYBKAGLoAHytqbZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCiqAHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMzIxNjIzMTkzNTcxMzAzOBgA&sigh=0k2-n8OhgV8&uach_m=[UACH]&template_id=494&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 01 Oct 2022 11:29:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame D699 		1 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=749&ttfrms=8&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=4063&ddur=210&uid=1664623796933208&jsCallback=dvCallback_1664623796933150&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Feae788224dba35857150c6163776964a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=392&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iQsoC-EN9yFFC3J7OSBHSY&DVP_DBM_1=3060631&DVP_DBM_2=11726559&DVP_DBM_3=18211405561&DVP_DBM_4=209104999&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=881479034793&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=42306225791.761765&dvp_tukv=58593707950.34042&dvp_uuid=152381440964.87027&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=989834171112
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a767a533f3ce1f00d117597e43d0b91638d73bf94ad763e63886bc4c1667fd7e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57
truncated
/ Frame 958B 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
562616355818907787
tpc.googlesyndication.com/simgad/ Frame 958B
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E
  • https://tpc.googlesyndication.com/simgad/562616355818907787
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/562616355818907787
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:13:57 GMT
x-content-type-options
nosniff
age
346560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8502
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 12:51:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Sep 2023 11:13:57 GMT

Redirect headers

date
Sat, 01 Oct 2022 07:54:57 GMT
x-content-type-options
nosniff
server
cafe
age
12900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/562616355818907787
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 31 Oct 2022 07:54:57 GMT
visit.js
tps.doubleverify.com/ Frame 243F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=647&ttfrms=7&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=4044&ddur=209&uid=1664623796982146&jsCallback=dvCallback_1664623796982875&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Feae788224dba35857150c6163776964a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=392&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115740&sid=18330&plc=4168949&crt=3972320&btreg=4168949&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=4B52E36A-6A99-2CF5-890A-5A90A7AFBA67&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1027898668.0991373&dvp_tukv=1649185866.616179&dvp_uuid=124809026469.11284&dvp_strhd=0.10000002384185791&dvpx_strhd=0.10000002384185791&dvp_tuid=895244385269
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
78bdc0c4c6911e0c65402e638405914c6ae93b8c4a39e6081a117e0b3727a344

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57
visit.js
tps.doubleverify.com/ Frame 800F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=630&ttfrms=6&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau626fggaac532bdgdf%60d_4e%60ebffehec2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauB%3A2%3F8%5C%3F%3A%5C52%3A%5CAF%5C%3F2%3F%5CD96%3F%5C%3B%3A%5C%3D2%40%5C%60bDF%3A%5C%3C6%5C%3F6%3F8%5CJF2%3F%5CJ%3A%3F%5CAF%5C8F2%3F8%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&dfs=4063&ddur=210&uid=1664623796999382&jsCallback=dvCallback_1664623796999171&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Feae788224dba35857150c6163776964a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=18&brh=2&sdf=2&dvp_epl=392&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115740&sid=18330&plc=4168947&crt=3972322&btreg=4168947&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=CA37A905-B4C6-5693-F348-A56CD1A7E8CF&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=42306225791.761765&dvp_tukv=22309612116.514793&dvp_uuid=61116013726.471855&dvp_strhd=0.10000002384185791&dvpx_strhd=0.10000002384185791&dvp_tuid=1199384838326
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
431a58dc58897302880473db8210721f9844aa1e1b0b6c29d9fa3b602ff645e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57
lgc
d9.flashtalking.com/ Frame EBCF 		118 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
08d787deb8e2e00d4adce7b4186d6d50d387db6ebdf00a9ef2ccec1f61797d28

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
118
lgc
d9.flashtalking.com/ Frame 3777 		118 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
9b25ba5eb1422c9f8c8d2cd239ac3d161817b9a432fd5f790fe57f07ac07add8

Request headers

Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
118
adobe_logo.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/adobe_logo.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d20adf76c715169e72fb1fa7b38d824d44750ee988ce2c7d0e6555839d1eed81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
3JBWDQH2Q634ZX38
ETag
W/"9137bc3075cf822e7f88c7a6ea57eec5"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds207.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1104
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1309
x-amz-id-2
vdmTWevhZRzKw1u65PVTl1NoDwvbqbcardTCasDkdcIrKnT/zeQHelzaKGco2J3Z42Pc/VFhYgg=
cv2.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv2.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c23465d5bff08766dcf268b88e13461c6ce4d0c7f5d697598944b8bc437bb29f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
gzip
x-amz-request-id
Q8W0BWSK32V4J0JR
Connection
Keep-Alive
Content-Length
2309
x-amz-id-2
PPym6uvzLITTg1jvzBLrPbMuR1S5BsMCUK2QJOgh6xaDIoDPKh2F3fMvFeh8VA7gBpgmsCRobvI=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"1f4a349dbfc3e7d64e6256ffbfe3157f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623796.dop020.sy2.t,1664623797.cds023.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=704
Accept-Ranges
bytes
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C926 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
60656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Sep 2022 18:39:01 GMT
etag
48472445140208031
expires
Sat, 01 Oct 2022 18:39:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 958B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08a47e9edadf59b0492102ff9bb07ad592cf36b7f564e03245338d69bc7bfebd

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bg_black.jpg
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/bg_black.jpg?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b70cc9f1a2d7f477e54b9b2e3eceae9789ca29a5328c540e2a394ebdef461a60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
GWRD1S322NZT37C7
ETag
W/"6c92f13685f6c0c1af7f3bfd4165ddde"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds206.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=39
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7439
x-amz-id-2
/RZXyuoRvAXiZgNWbbZsUipQsXhMVDhKewlynqccSa73VaF5hIiRMWJbONEc3CKAJH0m1W1+MJE=
cv3.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv3.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
83502e3e2d5c3de417af7c8f994f334ab7d80170f764201ef2e8167819afd960

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
EJR60HESZ6E879HD
ETag
W/"921e2bddd3029ac7a83f4b5412edf214"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds018.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=243
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11248
x-amz-id-2
0M79TUzIFR4/CCSdz/oe9bs3JbVhLpG+g8bhrb930qgeI5BMon0D9/+QH/ncWEN7DJ+hbhydQGw=
SPug
simage4.pubmatic.com/AdServer/ Frame A1CC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3076253916830339000V10%26type%3Dpba%26refUrl%3D%26vid%3D46237939413076253916830339000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img.png
d9.flashtalking.com/img/ Frame EBCF 		70 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=cfca86791cc2864d289b30d18b696a8e
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
/
servedby.flashtalking.com/state/4168949;3972320;0;401;4B52E36A-6A99-2CF5-890A-5A90A7AFBA67/ Frame EBCF 		42 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/4168949;3972320;0;401;4B52E36A-6A99-2CF5-890A-5A90A7AFBA67/?ft_data=d9:3d245955149f44a99c044a950fa74e87;d9s:3d245955149f44a99c044a950fa74e87&cachebuster=633934808
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app5.syd11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
prod-xre-app5.syd11
X-HW
1664623795.dop020.sy2.t,1664623795.cds020.sy2.shn,1664623795.dop020.sy2.t,1664623797.cds206.sy2.sc,1664623797.cds206.sy2.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cv1.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv1.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
21f24c1c8d9c305c9ecf5328478aa9db3bfbde3521ce768aaa83b2feba23c68c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
GWRFPH4X9GAT29ZY
ETag
W/"46f323ec53438a79d6d383fd6678ebf1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds023.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=741
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5078
x-amz-id-2
disQrPw1YZot84eWXyOg090qs0eTePsyBa2nNxwwshU+nHW0djokBjF0zRfLnaFJiCoLt9qrsvo=
img.png
d9.flashtalking.com/img/ Frame 3777 		70 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=3dabb22c6691914d1abdc216ffc4f77b
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.78.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-78-69.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:56 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
/
servedby.flashtalking.com/state/4168947;3972322;0;401;CA37A905-B4C6-5693-F348-A56CD1A7E8CF/ Frame 3777 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/4168947;3972322;0;401;CA37A905-B4C6-5693-F348-A56CD1A7E8CF/?ft_data=d9:ab0585085e6e4fa98e26dbda8402db73;d9s:ab0585085e6e4fa98e26dbda8402db73&cachebuster=264204861
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app10.syd11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
prod-xre-app10.syd11
X-HW
1664623795.dop020.sy2.t,1664623795.cds201.sy2.shn,1664623795.dop020.sy2.t,1664623797.cds205.sy2.sc,1664623797.cds205.sy2.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cv4.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv4.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4f0b3c6f49a501f95b830a10dee3fca97d1c3d0cf8f9ad9b2047a297c641e281

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
EJRBXSKDECE6HYPF
ETag
W/"212e313d1530d49ea824a3265aafff8c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds022.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=391
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11389
x-amz-id-2
b9RWLNBIYG1X0NRcvjqmo1S+P7xBV4E7SEFbveRTlhud7igkvuN2YxAkfCn0CvggLF3xVEpvv/Q=
event.png
tpsc-ae1.doubleverify.com/ Frame B629
Redirect Chain
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=d896405c1f7f415c89c4e73703743289&cbust=1664623797294631
  • https://tpsc-ae1.doubleverify.com/event.png?impid=d896405c1f7f415c89c4e73703743289&akipv6=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=d896405c1f7f415c89c4e73703743289&akipv6=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57

Redirect headers

Location
https://tpsc-ae1.doubleverify.com/event.png?impid=d896405c1f7f415c89c4e73703743289&akipv6=
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C926
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFL3t308Hrh542-rTWQhbEk&google_cver=1&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn&google_hm=sES_IMV0xdoJtH0wfGOIuw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn&google_hm=sES_IMV0xdoJtH0wfGOIuw==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8VV_nsGyRL3aH8WiTSVhtk8bWc4NhcIKuY4_bCSaxt6SPtyizEci9v-mapgQ-uR9f4WJcAEuZTilIUbVut_TqEyLoU1Cwn&google_hm=sES_IMV0xdoJtH0wfGOIuw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
dg8bh5n0go55nnsloifl9rm4756fp7us
pixel
cm.g.doubleclick.net/ Frame C926
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_7NJqdnqGLmecyd50ZpbRfXBLX7gv6YRdJcx3wR52NAa5lri9YGZvtDa2VUtB8UjzWvC3P-b1i4bB2gP6orMj87pPcAoXd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jYXl3Aj6T_CiS4UBaw9uZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_7NJqdnqGLmecyd50ZpbRfXBLX7gv6YRdJcx3wR52NAa5lri9YGZvtDa2VUtB8UjzWvC3P-b1i4bB2gP6orMj87pPcAoXd
date
Sat, 01 Oct 2022 11:29:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C926
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHfqUJwBLUtihgGNqV1PZio&google_cver=1&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk2NPY3OMppN2ekFY6WztxwzfRI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk2NPY3OMppN2ekFY6WztxwzfRI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQVTBWSTEtMjItODlXUg==&google_push=AZmPxg_hlWO5TeDolfs1o33_92mHXxbCVGay01SGWMqrMKjNsysNG5ogMP5CuzW7R3sBXm-oLZk2NPY3OMppN2ekFY6WztxwzfRI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
pixel
cm.g.doubleclick.net/ Frame C926
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEDbW_f7tfTsl70LA40CVALo&google_cver=1&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3&google_hm=47fc71f165d9bbd63af...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3&google_hm=47fc71f165d9bbd63afc65765d8453b5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg93IOijWxMW9vKHRwxUkd3r0-3cjxTujKhEilgGUDTPPUBY6vOZpJJVeF5t9vDZH5j-gd2zZOQzI_rTtzadz_sAt4eEAqX3&google_hm=47fc71f165d9bbd63afc65765d8453b5
date
Sat, 01 Oct 2022 11:29:57 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame C926 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLR9CZWO0CvFpV7_Nd3UQynravgy81oOUzGBtkrH6EGfCFMDEE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:29:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
event.png
tpsc-ae1.doubleverify.com/ Frame D699
Redirect Chain
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=b7ae600d63e34eccba0cd5e33dd099ff&cbust=1664623797349320
  • https://tpsc-ae1.doubleverify.com/event.png?impid=b7ae600d63e34eccba0cd5e33dd099ff&akipv6=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=b7ae600d63e34eccba0cd5e33dd099ff&akipv6=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57

Redirect headers

Location
https://tpsc-ae1.doubleverify.com/event.png?impid=b7ae600d63e34eccba0cd5e33dd099ff&akipv6=
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
cv2.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv2.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c23465d5bff08766dcf268b88e13461c6ce4d0c7f5d697598944b8bc437bb29f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
JKTYEG3EJNGT7QRD
ETag
W/"1f4a349dbfc3e7d64e6256ffbfe3157f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds024.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=640
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2645
x-amz-id-2
zlRfS4VVng2ZgE8ODMCYlpWEPbwGKDyTS4maGHDMEIXPzCiROOmecET7aG9h4ZaioVnzzWZEj3k=
cv5.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv5.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b1cff579f33ba53d412d862e211bbb38117465e346b143d6c7bd56f90eec4098

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
PEN3VHCQ827NEQ41
ETag
W/"427b0bf82378880df27cd8357d04ca31"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds022.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=507
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4366
x-amz-id-2
WFjHKrZmoLDhlX4uIiSdIyux5oAXtTbxooL178llokxidtNMIMj1sqcLO9nb6Eb2F41w0OvtiRA=
event.png
tpsc-ae1.doubleverify.com/ Frame 243F
Redirect Chain
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=a20093f08e8346b6835f5b633657128e&cbust=1664623797399948
  • https://tpsc-ae1.doubleverify.com/event.png?impid=a20093f08e8346b6835f5b633657128e&akipv6=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=a20093f08e8346b6835f5b633657128e&akipv6=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57

Redirect headers

Location
https://tpsc-ae1.doubleverify.com/event.png?impid=a20093f08e8346b6835f5b633657128e&akipv6=
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
event.png
tpsc-ae1.doubleverify.com/ Frame 800F
Redirect Chain
  • https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=fdb909194d314fb9b3af326207168762&cbust=1664623797404123
  • https://tpsc-ae1.doubleverify.com/event.png?impid=fdb909194d314fb9b3af326207168762&akipv6=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=fdb909194d314fb9b3af326207168762&akipv6=
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 11:29:57 GMT
Cache-Control
max-age=0
Connection
close
Expires
09/30/2022 11:29:57

Redirect headers

Location
https://tpsc-ae1.doubleverify.com/event.png?impid=fdb909194d314fb9b3af326207168762&akipv6=
Date
Sat, 01 Oct 2022 11:29:57 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
cv3.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv3.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
83502e3e2d5c3de417af7c8f994f334ab7d80170f764201ef2e8167819afd960

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
7QG5GFQMX7D1PAF1
ETag
W/"921e2bddd3029ac7a83f4b5412edf214"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds202.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=41
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11248
x-amz-id-2
JYT025PB+bFMTdKps/OhkIn8tg4znQFPl/nIVwJxIDyuLXack7dKIgdxt+Nbs2lGMUeHnjHmRgo=
cv6.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv6.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f8283ec012561d3d3588538f7d9ecb43d1f9c7d2bdc7db8a6b36b1b8c0b768da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
gzip
x-amz-request-id
C72SXBCD6S5XJQQR
Connection
Keep-Alive
Content-Length
4074
x-amz-id-2
5ZJXTNsdrsXgQpPvoneCDW1hy+79bH9J4KxL/+gJJHY6BIcaAefHBCx3C7rTXVT0/jYWtlr8HaU=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"f40dbcc3819408b437d7f9f748aa6b42"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds019.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1183
Accept-Ranges
bytes
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 958B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:57:29 GMT
x-content-type-options
nosniff
age
221548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:57:29 GMT
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame 0343 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-328203967645347522&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=4465&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=1001285&ga_cid=amp-lfEJphMrir-y-H01hMFB_A&ga_hid=1285&dt=1664623786810&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&bdt=2473&dtd=457&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
cv4.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv4.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4f0b3c6f49a501f95b830a10dee3fca97d1c3d0cf8f9ad9b2047a297c641e281

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
BKT1NFVJK5ACASGB
ETag
W/"212e313d1530d49ea824a3265aafff8c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds020.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=653
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11389
x-amz-id-2
j2/MdzCcZjF/w5qP2RJPHqsXCijRXA8+yltlO2SU4s4K9G/slN+gWy4PGpjw0QURb1OyVmIjKfs=
cv7.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv7.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
66498b10bbf56b74295f601204470a512442489d5ff5f45a198a9d41ad6d5dd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
616NGK941AZX9E5M
ETag
W/"22f8396509033b518ed587f39ef8e003"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds022.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=897
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2197
x-amz-id-2
zVCSIzlO7b8Wy4vV5Uzub/ymQryBfQ3xrZYELPCs0H2ka4Eu4P/YMEklGgPe0Pa5gWFXDGabLRs=
cv5.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv5.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b1cff579f33ba53d412d862e211bbb38117465e346b143d6c7bd56f90eec4098

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:30 GMT
x-amz-request-id
BKT6CPJRRCATV20W
ETag
W/"427b0bf82378880df27cd8357d04ca31"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds202.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=41
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4366
x-amz-id-2
DBhde5Uoyw8kaNfr6oWy4Va7t61+8a+KyoReLRYR5q6faBS4dgOkwFB/mPOhmPu0Ie1igUk+5O0=
cv8.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/cv8.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ac7558531e00029e2a046a024f2d9ed89127f3f2a48dae2bccfc5b3ae50ace56

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
x-amz-request-id
3PHH21QFRM542GV6
ETag
W/"3d5b0214dcf6afa56192206f5b66453e"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds024.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1023
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2052
x-amz-id-2
faCY/JcdYT5fPMBIGYCyVs6nnBod1nutXwisIKUZIsCArSwVv+zOkqglbKGSq8ncd/cEQ68mtl0=
cv6.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv6.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f8283ec012561d3d3588538f7d9ecb43d1f9c7d2bdc7db8a6b36b1b8c0b768da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
x-amz-request-id
5MG0CZB9MZBW23G0
ETag
W/"f40dbcc3819408b437d7f9f748aa6b42"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623796.dop020.sy2.shc,1664623797.dop020.sy2.t,1664623797.cds024.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=837
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4328
x-amz-id-2
tlgWqvIsafVBjAxABr+Ds+n6N/AbiPxPhZIaq6jzDb3e3qbURbLJ6b8cVdoEw4qYCZZ7SBC9ZTs=
t.png
cdn.flashtalking.com/155251/3972320/images/ Frame DA81 		394 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972320/images/t.png?1653659834747
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
00fb204ddd6b58906c589f9f8fc397dc1942fd3c0f2649347f8f305867f83446

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:57 GMT
Content-Encoding
gzip
x-amz-request-id
VAY7JRRT6KTKREAD
Connection
Keep-Alive
Content-Length
417
x-amz-id-2
AFsENrM6l+Mij4hCmo5TXgoniAI5dd0iYvKjfWIBJmQEyH5KzTUoPQdnsoq9bLUJ68p2Mw/Y+yM=
Last-Modified
Tue, 05 Jul 2022 17:22:28 GMT
ETag
W/"3d31efa47253dc1ecb0a000f1c54a792"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623797.dop020.sy2.t,1664623797.cds201.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=105
Accept-Ranges
bytes
cv7.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv7.png?1653659805970
Requested by
Host: eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
URL: https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
66498b10bbf56b74295f601204470a512442489d5ff5f45a198a9d41ad6d5dd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:58 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
x-amz-request-id
SZ147Q5YYNJ5TNN9
ETag
W/"22f8396509033b518ed587f39ef8e003"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623798.dop020.sy2.t,1664623798.cds203.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=545
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2197
x-amz-id-2
VD0xr3VMHDXdpZqxHPt9STRd0WupFVw7PtL8G6QPrC+/kUv1hrI4v63uQkAuN7td1JtfCAwdNK8=
activeview
pagead2.googlesyndication.com/pcs/ Frame EBCF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssANxxjBYlaGvBRDVvwGuTxUWXXJdk-mVd_KrYm6pg3v_YSBAHw-Ey6ttX2NtqilXUYHxcdPdwXSnJC0IfZUyEOux24DnAYyU5efdPFyhj5jyFyksUKGdVhCylBPGuj_qv-qFE&sai=AMfl-YTrIp_Ul5YOUg9scZMFEivzMcQJmEhS-sTp0ThPUrxyueCPNklFADaJ-Enj1e31l5PlCwrdbC6ZnyISjQ-fT7BMYS8nEYIxpG6v8FyZGf92MraZ2cSbt6kO3rBGOQ&sig=Cg0ArKJSzDFqc3bQa11kEAE&cid=CAASJORo2vvEARFxzh2IpKlX7yBb9y-jG-PPSL873EcPWRfsNxt6Qw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664623792071&rpt=4899&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3777 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNLbEFq8pNyl0RyWXKp9Oc4fKD9w4Zucino9Ne-OUSmUradO06VaZWZ95fH3pfSNY8G23r-6_zYueczaXSBh2ox_b4s2Xfxtd5hLCQ3XCneooj_iYRSv6ofvgvFnj70TLHoUY&sai=AMfl-YTCsbY2beXzwK0jM3ZNCw4MiTtunKDD5WVxARocTu2Jon2mGYKmV-RMyeoDS2MHXDIS3P1_wPauQYe7Rvkor1r0FqS2k45xwctEV_NNU7EZZpbxrOuGtU_UdmdFLA&sig=Cg0ArKJSzFtzbGk1FxtrEAE&cid=CAASJORoezEmzU__Q_BapaF2bckNt-i_wx5DzL2f1eGIkuS-gBfLjg&id=lidar2&mcvt=1002&p=60,450,310,750&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664623792067&rpt=4906&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cv8.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/cv8.png?1653659805970
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ac7558531e00029e2a046a024f2d9ed89127f3f2a48dae2bccfc5b3ae50ace56

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:58 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
x-amz-request-id
AGSTVQYA39TNAGX5
ETag
W/"3d5b0214dcf6afa56192206f5b66453e"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623798.dop020.sy2.t,1664623798.cds022.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2052
x-amz-id-2
IR3lC3CmHGjapHBDsPfTywfcSKmBD94V8TJmWqtt7zMXkAfptU3SFIpY/Mv6dEV2nCLx2kKIrRg=
PugMaster
image6.pubmatic.com/AdServer/ Frame 5391 		695 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12648909&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8b2f0234ec72232e4ffb1970a905a68bdd33d13eedc36767a6032241ba074e04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 01 Oct 2022 11:29:58 GMT
content-length
695
content-type
text/html; charset=UTF-8
t.png
cdn.flashtalking.com/155251/3972322/images/ Frame 5C5A 		394 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155251/3972322/images/t.png?1653659805970
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
00fb204ddd6b58906c589f9f8fc397dc1942fd3c0f2649347f8f305867f83446

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.flashtalking.com/155251/3972322/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 11:29:58 GMT
Last-Modified
Tue, 05 Jul 2022 17:22:31 GMT
x-amz-request-id
7B9YAN3ZNAEW7944
ETag
W/"3d31efa47253dc1ecb0a000f1c54a792"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1664623795.dop020.sy2.t,1664623795.cds024.sy2.shn,1664623798.dop020.sy2.t,1664623798.cds202.sy2.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=595
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
394
x-amz-id-2
ofgc5TlfS6Kv3DjvZCvyIysurr9yGXmJ3jxQYuzbVIMFCnNF6eALCrZvwVIDEY7M3dpYttaq+Z8=
Pug
simage2.pubmatic.com/AdServer/ Frame 0B26
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 01 Oct 2022 11:29:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 01 Oct 2022 11:29:58 GMT
expires
Fri, 30 Sep 2022 11:29:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:97D47A47F6B9400A97521DB78B233043
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
x.yieldlift.com/ Frame BE08 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.206.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-206-0.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 01 Oct 2022 11:29:58 GMT
Vary
Origin
info2
uipglob.semasio.net/pubmatic/1/ Frame 5391
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 5391
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.76.92.197 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-92-197.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.19.145
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.10.93
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 5391
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%2C
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Sat, 01 Oct 2022 11:29:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:29:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&ttd_puid=a1b328e9-f147-491b-836f-9bdb746f7b7d%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
PugMaster
image6.pubmatic.com/AdServer/ Frame 4225 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81290856&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 01 Oct 2022 11:29:59 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 944A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 01 Oct 2022 11:29:59 GMT
Expires
0
Pragma
no-cache
dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/ Frame 243F
Redirect Chain
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
  • https://ad.doubleclick.net/activity;dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
  • https://adservice.google.com/ddm/fls/z/dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CNmoovL2vvoCFdSC5godhrQJRA;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799501814
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u...
adservice.google.com/ddm/fls/z/ Frame 243F
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799501365
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKyPovL2vvoCFeig2AUd9c0Bcw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799501365
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/ Frame 800F
Redirect Chain
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
  • https://ad.doubleclick.net/activity;dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
  • https://adservice.google.com/ddm/fls/z/dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=CP6MovL2vvoCFQrXcwEdloQLxQ;src=1295336;type=cs;cat=Viewa0;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1664623799506463
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u...
adservice.google.com/ddm/fls/z/ Frame 800F
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799506539
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CKSPovL2vvoCFcHacwEdEYcHAw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115740;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1664623799506539
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame B629 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=d896405c1f7f415c89c4e73703743289&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=428&eoid=12&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=209&tetms=10&msltms=650&vltms=428&sei=289&vetms=6&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=45&isumms=44&nvr=6&isgmmims=45&isgmv4mims=45&elmtp=1&isbxdms=2545&b0=100&b11=2697&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2797&sftb=2797&msrdp=1&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=945&isuiabvms=945&isgmpims=203&isgmv4dpims=945&ispmxpms=945&engalms=43&dvp_dpr=1&ttfurm=3468&cbust=1664623800295382
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:30:00 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/30/2022 11:30:00
event.png
tpsc-ae1.doubleverify.com/ Frame D699 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=b7ae600d63e34eccba0cd5e33dd099ff&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=408&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=210&tetms=8&msltms=667&vltms=408&sei=289&vetms=7&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=12&isumms=11&nvr=6&isgmmims=12&isgmv4mims=12&elmtp=1&isbxdms=2512&b0=100&b11=2625&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2725&sftb=2725&msrdp=1&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1012&isuiabvms=1012&isgmpims=129&isgmv4dpims=1012&ispmxpms=1012&engalms=11&dvp_dpr=1&ttfurm=3423&cbust=1664623800349611
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:30:00 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/30/2022 11:30:00
SPug
simage4.pubmatic.com/AdServer/ Frame 5391 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-ae1.doubleverify.com/ Frame 243F 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=a20093f08e8346b6835f5b633657128e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=413&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=209&tetms=9&msltms=587&vltms=413&sei=290&vetms=4&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=11&isumms=10&nvr=6&isgmmims=11&isgmv4mims=11&elmtp=1&isbxdms=2511&b0=100&b11=2621&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2721&sftb=2721&msrdp=0&naral=704&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1014&isuiabvms=1014&isgmpims=111&isgmv4dpims=1014&ispmxpms=1014&engalms=10&dvp_dpr=1&ttfurm=3423&cbust=1664623800399842
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:30:00 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/30/2022 11:30:00
event.png
tpsc-ae1.doubleverify.com/ Frame 800F 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=fdb909194d314fb9b3af326207168762&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=402&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=210&tetms=10&msltms=565&vltms=402&sei=290&vetms=2&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=10&isumms=9&nvr=6&isgmmims=10&isgmv4mims=10&elmtp=1&isbxdms=2511&b0=100&b11=2594&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2694&sftb=2694&msrdp=0&naral=704&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1010&isuiabvms=1010&isgmpims=110&isgmv4dpims=1010&ispmxpms=1010&engalms=9&dvp_dpr=1&ttfurm=3414&cbust=1664623800408539
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 01 Oct 2022 11:30:00 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/30/2022 11:30:00
dc_oe=ChMIw8_T7va--gIVD9JzAR3TSgCbEAAYACD22dFUQhMI-ovx7fa--gIVbEWdCR3Izw-H;met=1;&timestamp=1664623804911;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 87CF 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw8_T7va--gIVD9JzAR3TSgCbEAAYACD22dFUQhMI-ovx7fa--gIVbEWdCR3Izw-H;met=1;&timestamp=1664623804911;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eae788224dba35857150c6163776964a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%BC%B7%E5%B0%BC%E6%88%B4%E6%99%AE%E7%94%B7%E7%A5%9E%E3%80%8C%E6%BF%80%E8%80%8113%E6%AD%B2%E3%80%8D%E3%80%80%E5%8F%AF%E8%83%BD%E5%8E%9F%E5%9B%A0%E6%9B%9D%E5%85%89%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-lfEJphMrir-y-H01hMFB_A&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=26715&dns=6&tcp=609&rrt=0&srt=982&pdt=1&clt=1803&dit=1803&a=1285&z=0.5482921089146595&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 05:35:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21305
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
18081ce898c81765e8058fdedff5cbff35a97756c441246c5eb6f9154c7dd588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 108B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:30:09 GMT
server
Kestrel
server-processing-duration-in-ticks
1402848
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Oct 2022 11:30:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C984 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
278155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 06:14:14 GMT
expires
Thu, 28 Sep 2023 06:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6BB4 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
bcd4157c667d079f655297fad3b479f06a29fb4a8d289388f37d7ed20f897370
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zo5bgwpUT3GdRf0Z83jImA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-zo5bgwpUT3GdRf0Z83jImA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Oct 2022 11:30:09 GMT
expires
Sat, 01 Oct 2022 11:30:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 108B 		428 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=EFhJY19NWDVtJTJGQ2FWQmU0MkQ3UUt4eGdPVHpjRG44REdyaFRRbCUyRjc3VnJJOXZvNzVZYyUyQnlEeFVKbHU5WkQ3JTJGU2FZdnBvb0xQMkMlMkYzc3p1RDFzSnRveHVqWjZNODNnWExTUm45JTJCT2cyb010Q0V5WSUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4cef27a2b3fd4003a5d5dbed0ca8e017902a6d2d454b6ff09ad119ba81f1b520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Oct 2022 11:30:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1445624
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6BB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=1824631024451244&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
pagead2.googlesyndication.com/bg/ Frame C984 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15918
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 19:36:04 GMT
generate_204
tpc.googlesyndication.com/ Frame C984 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hn3t9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 11:30:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=1824631024451244&bg=!nZ6lntrNAAYQgTJdMIE7ACkAdvg8WhfghJPfj2tyybIa5OpmvHglQPHa5sl6ax66FHSNxrGHqf3rnwIAAABoUgAAAAJoAQeZAplmMSjEW3ESIYYkw6AjFQJv7ru717sD7V9hk9katcMc0fg_nHLlJ5nMr1aww54e54hN5XOk9IBSGlj999QZy8nOq6JDhKrZS5rhX5YlVxk4YXo08lQByCdYPZSypBnVgi1mJenpvVx6-pPhmV5xb43kroM3N1FvA1nbjNy0CiDcI3lTbVQb52NFdKZlrjY-LcFoFwRZY3H5W0L20Azf7TEoVnB1lwzzzbjK4j0-8y7yLLHB8cAr7k7lXPGXW6gneDN7ehldkq_bQjkyGm_ruAo4XfEXrOMRKvbFdB9JNIdpnXE994Thwla3jZOQCgXCDhM5-Ua4g7HYcYVaW5FK7x3fwV0UXlENbJ-wtnRAXYWOoaIrSylHFEWP3s1PvxOvOJ3bW7KU1hdsuLB5yGFOy8MRjtRTpftT66f8BnFpP5NTLIa0zxVm4QB_PS7JdTC76WQYr-VcbcKUz9VzRlwWzxoCFm8zUZ32UCUjQQSMBlwOUovY3Y8X3xZWlG7qJ1QKvq2LLg47IFzEj8tTQbedbR7IZPyW4H4PKWsDxY9ltcP9fLT_Lvozxt25Fz3DjEa9R-Cw0dUsQlHJGe1ENYOMWcPADUcVFGGT9puyiruRSCqLqa_qNvfOoMtPezNE6ItXW3XF6_OaGAl7ztelp0HhfJuLkoM7enR_YorDa3_OmRfHn2qrZmE_J0U0ItozzxYRwyaklKrKiVJDye51HBM4_svQUNDek1-mzJ7EC6PpOzi3nXVHuCtOzXKGHYRP89wLBkYOnGyAcxU_howdU-0VEMVx0tYr68DJNmz09QJnxU3M1Fm0QiNVHP2alVkORs01fCUMrYt4LHJhJiaV0Yu-RNvqu1q0NKkL9cNq236Fk35mJ2h2NCAFamhSyQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/adreq?cb=1776
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1779220074;

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| google_ad_modifications number| google_global_correlator object| google_prev_clients undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| google_image_requests

239 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9qy9mrkwCgoIgQIQ9qy9mrkwCgoI4gEQ9qy9mrkwCgoI5gEQ9qy9mrkwCgoIhwIQ9qy9mrkwCgkICRD2rL2auTAKCQg6EPasvZq5MAoJCAsQ9qy9mrkwCgoIjAIQ9qy9mrkwCgkIXxD2rL2auTA=
.aralego.com/ Name: sspid
Value: a282cf22-f141-3b7f-8ac6-e5d987cf04c3
www.bg3.co/ Name: __AP_SESSION__
Value: adc40b9b-57e7-469d-8bc7-3f6bc489890c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: bcbe0a45-c575-4303-b516-f96fcb5d81fc
.openx.net/ Name: i
Value: bcbe0a45-c575-4303-b516-f96fcb5d81fc|1664623787
.bg3.co/ Name: __gpi
Value: UID=00000a153b26165b:T=1664623788:RT=1664623788:S=ALNI_MbHODgTsRph-bxORIxFznCnayypgQ
.omnitagjs.com/ Name: ayl_visitor
Value: 5f2aee3a5ec6385d7cd4e25f4770daa8
.rubiconproject.com/ Name: khaos
Value: L8PU0VI1-22-89WR
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwrMngmQY4AUABSAEQrMngmQYYAA..
.adnxs.com/ Name: uuid2
Value: 2072648366779668424
.teads.tv/ Name: tt_viewer
Value: 907ab165-089b-4c11-a174-e8d92d26dfc5
.prebid.a-mo.net/ Name: __amc
Value: 1_1664623788_1664623788
.a-mo.net/ Name: amuid2
Value: 73a14bd1-6a49-4cf4-8290-591dcce62202
.prebid.a-mo.net/ Name: sd_amuid2
Value: 73a14bd1-6a49-4cf4-8290-591dcce62202
www.bg3.co/ Name: qcSxc
Value: 1664623788888
.quantserve.com/ Name: mc
Value: 633824ac-f2b29-65615-6d73c
.bg3.co/ Name: __qca
Value: P0-345706084-1664623788885
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664623790.1.0.1664623790.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.2018508922.1664623790
.doubleclick.net/ Name: IDE
Value: AHWqTUkw4UbE8JmQqkBfGJdKTGPJ2dj8xKvkGl6zPPQhVLyzDOBY-k54TjEvv4Rtvok
.adsrvr.org/ Name: TDID
Value: 94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
.blismedia.com/ Name: b
Value: 633824AFC3E1BBB933C2C1DDBLIS
.3lift.com/ Name: tluid
Value: 2939912386228364825663
.media.net/ Name: visitor-id
Value: 3076253916830339000V10
.bg3.co/ Name: __gads
Value: ID=6f4c87a071f79544:T=1664623788:S=ALNI_MbTw2RbVr2MNChXtlVk6922gQUwRg
.media.net/ Name: data-ttd
Value: 94fe3cf1-3e44-4ca9-b31e-4d20824c3f42~~1
.dap.fw-ad.jp/ Name: user
Value: e86dc454-2298-3e41-96e5-8276e76303e1
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1664623792028000
.360yield.com/ Name: tuuid
Value: 90e3369f-9787-4a86-846e-f09c73e2c0d6
.360yield.com/ Name: tuuid_lu
Value: 1664623792
.fout.jp/ Name: uid
Value: ATp_DkWTWucB4tredQv1-p-fHBY
.media.net/ Name: data-g
Value: CAESEDL-Uy_FzE-v01Rls63mTCY~~6
.socdm.com/ Name: SOC
Value: YzgksMCo8X8AAG-4u3UAAAAA
.mathtag.com/ Name: uuid
Value: 76ed6338-24b0-4800-bca5-671c290429af
.mathtag.com/ Name: mt_mop
Value: 4:1664623792
.reemo-ad.jp/ Name: deviceIdentifier
Value: FMJTXiArlfKFrBnekuhrjUaURIRxbwIk
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: c517c859-213d-4ae2-834e-1c2a02286ba3
.bidswitch.net/ Name: c
Value: 1664623792
.bidswitch.net/ Name: tuuid_lu
Value: 1664623792
.sitescout.com/ Name: ssi
Value: 3d49a6ac-d87e-4a39-b330-2be731fd80cb#1664623792527
.zemanta.com/ Name: zuid
Value: gU44aKoIYdcgRJmSt6ri
.casalemedia.com/ Name: CMPS
Value: 4758
.adform.net/ Name: uid
Value: 5401464212225013440
.sitescout.com/ Name: _ssuma
Value: e30
.casalemedia.com/ Name: CMID
Value: YzgksIzwkGH2s7rQXrj5agAA
.casalemedia.com/ Name: CMPRO
Value: 4758
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.mookie1.com/ Name: id
Value: 10524419749888161839
.mookie1.com/ Name: mdata
Value: 1|10524419749888161839|1664623793433
.mookie1.com/ Name: ov
Value: 96a1a8570f05b5dd3032afcd222b8369
.ctnsnet.com/ Name: gid_CAESEES2FtrR1s9AQtG9nC0u9vQ
Value: 1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2294fe3cf1-3e44-4ca9-b31e-4d20824c3f42%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-01T11%3A29%3A53%22%7D
.openx.net/ Name: pd
Value: v2|1664623793|jElYiuvOiahI
.id5-sync.com/ Name: id5
Value: fd5a018a-68f1-4de6-9a1a-c53086c4597c#1664623793310#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.tapad.com/ Name: TapAd_TS
Value: 1664623793893
.tapad.com/ Name: TapAd_DID
Value: a1b328e9-f147-491b-836f-9bdb746f7b7d
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY0NjIzNzk0fQ
.openx.net/ Name: univ_id
Value: 537072971|94fe3cf1-3e44-4ca9-b31e-4d20824c3f42|1664623794088762
.bing.com/ Name: MUID
Value: 1A00498FD83D6CE424B15BBFD90F6D58
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-o
Value: a73e5c83-c7f2-4614-8c8f-4fe91d9520dd~~8
.linkedin.com/ Name: li_sugr
Value: 08b872fc-32a5-438d-9e82-08ec3ee4e122
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d53a9811-d591-418d-8fe9-d22a4e05ff3c"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2416:u=1:x=1:i=1664623794:t=1664710194:v=2:sig=AQFUw9DPlVktBr5R2eK9aR9_qk7WHaIP"
.media.net/ Name: data-a
Value: 2072648366779668424~~8
.media.net/ Name: data-mm
Value: 76ed6338-24b0-4800-bca5-671c290429af~~8
.bg3.co/ Name: cto_bidid
Value: jCbc4V9VVHpMWUdlM0JsbEQ0QW9lWEFVbjg5YU5KVSUyQlNtSktqcHBBbXVjcFlqczZobGlzVk5HbVZuYTBTbEp3MzlTeGxLbE80JTJGUVA1byUyQmJ3Y1hiRUhXYUw2dyUzRCUzRA
.ladsp.com/ Name: cr
Value: 1
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjczYTE0YmQxLTZhNDktNGNmNC04MjkwLTU5MWRjY2U2MjIwMiIsImV4cGlyZXMiOiIyMDIyLTEwLTE1VDExOjI5OjU0LjQ2NjYzNzI0OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMOFBVMFZJMS0yMi04OVdSIiwiZXhwaXJlcyI6IjIwMjItMTAtMTVUMTE6Mjk6NTQuNDY0ODQ2NDczWiJ9fSwiYmRheSI6IjIwMjItMTAtMDFUMTE6Mjk6NTQuNDY0ODQ1NDk0WiJ9
.yandex.ru/ Name: yuidss
Value: 2744937091664623794
.yandex.ru/ Name: yandexuid
Value: 2744937091664623794
.a-mx.com/ Name: amuid2
Value: 73a14bd1-6a49-4cf4-8290-591dcce62202
.mookie1.com/ Name: syncdata_TAP
Value: 1
.turn.com/ Name: uid
Value: 9043219101811047819
.w55c.net/ Name: wfivefivec
Value: FYSE5HS21OEAGS5
.ladsp.com/ Name: smn_uid
Value: cJ6XAuUQdc0JUNr7T06z6A7FribCwWg
.ladsp.com/ Name: lum
Value: CJO0vZq5MBIFCAMQ0AU
.demdex.net/ Name: demdex
Value: 56696422625813650822920993803629323163
.w55c.net/ Name: matchmedianet
Value: 5
.mookie1.com/ Name: syncdata_IOW
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLIkOGMCEK-sJa5GRw8QkW0WIiDDswsFEgEBAQF2OWNCYwAAAAAA_eMAAA&S=AQAAArG-BCtMeBydz4we5zc3l_Q
.adobe.demdex.net/ Name: adobe
Value: 56696422625813650822920993803629323163
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8D85E5DC-08FA-4FF0-A24B-85016B0F6E64
.adsymptotic.com/ Name: U
Value: 0b25cb0ccd6565e8e3c5612e3139cebe
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZiZmRsbmlqYGoBAHQmhV0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0MzU1szQ3tzQxNBfiM9QtCM_3KkkNzLEwDY8AAEGfZbUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0MzU1szQ3tzQxNBfiM9QtCM_3KkkNzLEwDY8AAEGfZbUlAAAA
.media.net/ Name: data-xu
Value: FYSE5HS21OEAGS5~~8
.media.net/ Name: data-rk
Value: 1973209965569779391~~8
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.media.net/ Name: data-bs
Value: c517c859-213d-4ae2-834e-1c2a02286ba3~~1
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.quantserve.com/ Name: d
Value: EOIBDgGdJ4EO-TA
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~27gz:18z8~27gz"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M4/QE:2jUF']wIg2Ileid]3o!]tck8i_iqf!oN/@E'zz<*Z0QuMeOO4y1UUt^ReL/-yU^T#A62qzM_>0UlUGTD._*Pl[g2ozGM5YwX@DHSgFVT-FJWGV2]G[KD_jEyo)PE<1bTG5)(zWAJB.E:X)s^Wo4CPsXH%!1:)]qQusg
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzNhMTRiZDEtNmE0OS00Y2Y0LTgyOTAtNTkxZGNjZTYyMjAyIiwiZXhwaXJlcyI6IjIwMjItMTItMzBUMTE6Mjk6NTVaIn19LCJiaXJ0aGRheSI6IjIwMjItMTAtMDFUMTE6Mjk6NTVaIn0=
.media.net/ Name: data-pba
Value: 8D85E5DC-08FA-4FF0-A24B-85016B0F6E64~~8
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-44048bd6-d037-3622-a23e-aef37ce26cb4
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.mfadsrvr.com/ Name: tuuid
Value: 0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e
.mfadsrvr.com/ Name: c
Value: 1664623795
.mfadsrvr.com/ Name: tuuid_lu
Value: 1664623795
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.servenobid.com/ Name: pid_339
Value: y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
.servenobid.com/ Name: pid_337
Value: y-vdHtIrVE2uFcEGZjJs52xF2hrrLTWrBGTAGwAG4-~A
ads.playground.xyz/ Name: connect.sid
Value: s%3Ai3P9kPrtmi5Hc2PovD82GrjSIEZykr2m.aMhKiXtBs9XT8JE1VinsoxWMh%2BemQU784i1DCvKRMh4
.smartadserver.com/ Name: pid
Value: 6873485177772978593
.ctnsnet.com/ Name: cid
Value: 100209cc1f2c4b7387ee01622b6005ea
.media.net/ Name: data-ze
Value: gU44aKoIYdcgRJmSt6ri~~8
.servenobid.com/ Name: pid_312
Value: 2072648366779668424
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=53877C0F717323"
.servenobid.com/ Name: pid_324
Value: 1973209965569779417
.taboola.com/ Name: t_gid
Value: 378a9188-a731-45f0-a73e-e5f9f5b7b9bd-tucta31aa33
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004%22%7D
.gumgum.com/ Name: vst
Value: a_715bfe67-7186-4deb-a640-bcd6732ed31b
.mookie1.com/ Name: syncdata_NEU
Value: 1
.c.appier.net/ Name: _auid
Value: kxcGQtQEBBSXnUDcsyQ4Yw
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: x9m1skr4q2s
.adgrx.com/ Name: ADGRX_UID
Value: 5fc2e776-417c-11ed-8ed9-1f1deff20cfe
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.agkn.com/ Name: ab
Value: 0001%3AnwpcV3mwkHRz3L8atKBnWL01bOSwUtgO
.media.net/ Name: data-r
Value: L8PU0VI1-22-89WR~~1
.mfadsrvr.com/ Name: ssh
Value: !medianet,1664623795
.media.net/ Name: data-r1
Value: RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004~~8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5401464212225013440&KRTB&23263-5401464212225013440
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9043219101811047819&KRTB&23150-9043219101811047819
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-100209cc1f2c4b7387ee01622b6005ea&KRTB&23328-100209cc1f2c4b7387ee01622b6005ea
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:FYSE5HS21OEAGS5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:76ed6338-24b0-4800-bca5-671c290429af&KRTB&16736-uid:76ed6338-24b0-4800-bca5-671c290429af&KRTB&23019-uid:76ed6338-24b0-4800-bca5-671c290429af&KRTB&23208-uid:76ed6338-24b0-4800-bca5-671c290429af
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&KRTB&22918-94fe3cf1-3e44-4ca9-b31e-4d20824c3f42&KRTB&23031-94fe3cf1-3e44-4ca9-b31e-4d20824c3f42
.simpli.fi/ Name: suid
Value: 97D47A47F6B9400A97521DB78B233043
.tribalfusion.com/ Name: ANON_ID
Value: asnseFxZduB7RApTrruFfJ1xe7NpvRCgZdIEGSWUjHOtSQQJPSXnRrpX7PF08FZcseeWUIJUB2MFG54FGDF78nP
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: FaGxERZH5G4Rz8iZSgm50Jbs
.servenobid.com/ Name: pid_333
Value: YzgksIzwkGH2s7rQXrj5agAAEpYAAAIB
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-x9m1skr4q2s
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 1798968b8481b22
.dyntrk.com/ Name: dyn_u
Value: 07030002_633824b3df0a1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
pb-server.ezoic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzNhMTRiZDEtNmE0OS00Y2Y0LTgyOTAtNTkxZGNjZTYyMjAyIiwiZXhwaXJlcyI6IjIwMjItMTAtMTVUMTE6Mjk6NTUuOTM2MTQyMjZaIn19LCJiZGF5IjoiMjAyMi0xMC0wMVQxMToyOTo1NS45MzYxMzcxMVoifQ==
.servenobid.com/ Name: pid_309
Value: a_715bfe67-7186-4deb-a640-bcd6732ed31b
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzNhMTRiZDEtNmE0OS00Y2Y0LTgyOTAtNTkxZGNjZTYyMjAyIiwiZXhwaXJlcyI6IjIwMjItMTAtMTVUMTE6Mjk6NTYuMDA3MDQ1MzgyWiJ9fSwiYmRheSI6IjIwMjItMTAtMDFUMTE6Mjk6NTYuMDA3MDMyNjY4WiJ9
.media.net/ Name: data-mf
Value: 0884cce6-0a2a-4aaf-b0b2-bb7e3f84e41e~~1
.rlcdn.com/ Name: pxrc
Value: CLTJ4JkGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-5fc2e776-417c-11ed-8ed9-1f1deff20cfe&KRTB&23275-5fc2e776-417c-11ed-8ed9-1f1deff20cfe
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-399b6623-35a5-47a7-9e2f-fda9227d4571-004%22%7D
.dpm.demdex.net/ Name: dpm
Value: 56696422625813650822920993803629323163
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBozjSKqMhSVECGeGEc5VPY&KRTB&16514-CAESEBozjSKqMhSVECGeGEc5VPY&KRTB&23025-CAESEBozjSKqMhSVECGeGEc5VPY&KRTB&23386-CAESEBozjSKqMhSVECGeGEc5VPY
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi&KRTB&19420-MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi&KRTB&22979-MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi&KRTB&23403-MGQa3jRjSIUrMRuENG4E0DNhGNMrYU3RNTQ2eBxi
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-kxcGQtQEBBSXnUDcsyQ4Yw&KRTB&23130-kxcGQtQEBBSXnUDcsyQ4Yw
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2072648366779668424&KRTB&23339-2072648366779668424
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:97D47A47F6B9400A97521DB78B233043
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 67a9af7e-548e-4a4f-8e27-a2f981b6b67a
.servenobid.com/ Name: pid_310
Value: FaGxERZH5G4Rz8iZSgm50Jbs
pb.vuukle.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzNhMTRiZDEtNmE0OS00Y2Y0LTgyOTAtNTkxZGNjZTYyMjAyIiwiZXhwaXJlcyI6IjIwMjItMTAtMTVUMTE6Mjk6NTYuMjI1NDY4MTY3WiJ9fSwiYmRheSI6IjIwMjItMTAtMDFUMTE6Mjk6NTYuMjI1NDU0NTFaIn0=
x.yieldlift.com/ Name: ylxuid
Value: 3fbab279-df99-46d9-9c3d-c8799ece2554
.sportradarserving.com/ Name: c
Value: 1664623796
.sportradarserving.com/ Name: zuuid_lu
Value: 1664623796
c.deployads.com/ Name: d7s_dc
Value: 44ADMXb73a14bd1-6a49-4cf4-8290-591dcce62202O
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJo70hm_7_NAMDUFRTAAAAAAA&KRTB&22713-AAAJo70hm_7_NAMDUFRTAAAAAAA&KRTB&22715-AAAJo70hm_7_NAMDUFRTAAAAAAA
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzNhMTRiZDEtNmE0OS00Y2Y0LTgyOTAtNTkxZGNjZTYyMjAyIiwiZXhwaXJlcyI6IjIwMjItMTAtMTVUMTE6Mjk6NTYuMjc5MjI0NjYyWiJ9fSwiYmRheSI6IjIwMjItMTAtMDFUMTE6Mjk6NTYuMjc5MjIxOTU4WiJ9
.contextweb.com/ Name: V
Value: KZDgWR6Ir1kd
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1geu|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: de106fcd9c298805
.admanmedia.com/ Name: admtr
Value: 57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55
.admanmedia.com/ Name: ac_r
Value: CS32
.prebid.a-mo.net/ Name: _sv3_bid_switch
Value: 1
.bidr.io/ Name: bito
Value: AAZXNk7GcEkAAB9PjJRaeA
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_314
Value: dd81a6c3-1df1-4e88-a46c-87c04117c7db
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: 174b575e-1034-4441-a273-b219d8ad9ec9
.smartadserver.com/ Name: csync
Value: 130:57d42d5a-3fb3-4787-96a7-4ebf0bd6fe55|139:0
.pippio.com/ Name: did
Value: 1fmn7cK-qkAWlI5f
.pippio.com/ Name: didts
Value: 1664623796
.pippio.com/ Name: nnls
Value:
.creativecdn.com/ Name: u
Value: pxcF2x64uoLiTLWnoEml
.creativecdn.com/ Name: ts
Value: 1664623796
.amazon-adsystem.com/ Name: ad-id
Value: A6vYVEv1mUo7uWaovcAeXIw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3faf5242-7290-400b-68fb-4b2ccf8c152f.cHlKI9w4jQ7p2jHsePXdEatdO0U9MNXfIADW5vJafhs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AP69SQnKQQAto-0ssz4wVL6310W8.1xarvzim4W6v0QBK7io4R6NdpojTn4kYISQl1OfMM94
.ipredictive.com/ Name: cu
Value: 9da30d26-9013-47a7-947b-a84377667183|1664623796729
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1664623796
.sportradarserving.com/ Name: zuuid
Value: 2758cffc-5454-4779-a5c9-09a00ea249e1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJI5XQTp+47N7UyebV3a1st7IYm7cO+UuFxGZGlIlXFRytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.criteo.com/ Name: uid
Value: cd058969-574d-41b3-a1f3-adfdd8272061
.flashtalking.com/ Name: _D9J
Value: ee7222d73af943c180794de7341d6278
.servenobid.com/ Name: pid_323
Value: L8PU0VI1-22-89WR
.pippio.com/ Name: pxrc
Value: CLXJ4JkGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c517c859-213d-4ae2-834e-1c2a02286ba3&KRTB&23280-c517c859-213d-4ae2-834e-1c2a02286ba3
.pubmatic.com/ Name: PugT
Value: 1664623797
pool.admedo.com/ Name: tuuid
Value: 994fa61a-1762-4b77-8d61-a867ac0d54bc
pool.admedo.com/ Name: c
Value: 1664623797
pool.admedo.com/ Name: tuuid_lu
Value: 1664623797
.linksynergy.com/ Name: rmuid
Value: e0193312-ab58-4b1d-9c17-87147c76a43f
.linksynergy.com/ Name: icts
Value: 2022-10-01T11:29:57Z
.rlcdn.com/ Name: rlas3
Value: m7md1h6c+bN6vjSGAK4msMhPd4jJdlOFsQl6eJUdw0U=
.adingo.jp/ Name: ID
Value: 47fc71f165d9bbd63afc65765d8453b5
.casalemedia.com/ Name: CMTS
Value: 5313
.pubmatic.com/ Name: DPSync3
Value: 1665187200%3A248_164%7C1664668800%3A174%7C1665792000%3A197_201_226_245
.pubmatic.com/ Name: SyncRTB3
Value: 1665792000%3A107_209_204_5_8_7_234_165_222_22_99_238_54_56_231_247_176_220_189_3_179_96_21_13_71%7C1665446400%3A63%7C1665187200%3A15_2_223%7C1669766400%3A69%7C1665878400%3A35
.servenobid.com/ Name: pid_332
Value: f3206ff4-db54-4473-a11d-cc170a0d2c5f
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKyQr7XJ6pE7EAUSFgoHcnViaWNvbhILCNj9qr3J6pE7EAUSFQoGY2FzYWxlEgsI1J6cwcnqkTsQBRIUCgV0YXBhZBILCKDTwOLJ6pE7EAUYASABKAIyCwigy8OP4OqROxAFOAFaBXRhcGFkYAI.
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6587
.semasio.net/ Name: SEUNCY
Value: 1C2A066ACBDD1C38
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1664645399194
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 9ccae8a8af50cf2f91da1c6e0cb6eb27
.servenobid.com/ Name: pid_317
Value: 6873485177772978593
.go.sonobi.com/ Name: __uis
Value: 1f464d14-05ee-40ea-a166-3b91b9662be6
.pubmatic.com/ Name: SPugT
Value: 1664623800
.servenobid.com/ Name: pid_327
Value: 73a14bd1-6a49-4cf4-8290-591dcce62202
.servenobid.com/ Name: pid_346
Value: ua-44048bd6-d037-3622-a23e-aef37ce26cb4
.adpushup.com/ Name: ap_uid
Value: 67e78650-417c-11ed-8256-000d3ac6e8ba
.adpushup.com/ Name: ap_usid
Value: 67e78651-417c-11ed-8256-000d3ac6e8ba
.bg3.co/ Name: cto_bundle
Value: X3PrEF9NWDVtJTJGQ2FWQmU0MkQ3UUt4eGdPVDJWUmRmeTZvazRTNk92MTlQamZ4NXp4VE5PVWs5emhQT1VTcWY0M3M0M1M3VThSJTJGMG5GbmVKMmNtbE5PeG10WGlTc1VuMEJrNklUVHl6OFVINmRQaCUyRkhNbmh5WFR2cDElMkZhRzkxV3lBWjJFOGt3VEpCV2VzRmRDZTFoNFl2ZXdGQSUzRCUzRA

8 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvcWlhbmctbmktZGFpLXB1LW5hbi1zaGVuLWppLWxhby0xM3N1aS1rZS1uZW5nLXl1YW4teWluLXB1LWd1YW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1779220074;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://www.bg3.co/a/qiang-ni-dai-pu-nan-shen-ji-lao-13sui-ke-neng-yuan-yin-pu-guang.html
Message:
The resource https://d-22584574612209393543.ampproject.net/2209142312000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

318a65eb6825e2da5df410395aa8245e.safeframe.googlesyndication.com
4ba42ddf9525c38ddaa3d364ddd556c5.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
adobe.demdex.net
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.deployads.com
c1.adform.net
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.flashtalking.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-22584574612209393543.ampproject.net
d.adroll.com
d9.flashtalking.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eae788224dba35857150c6163776964a.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb-server.ezoic.com
pb.vuukle.com
pbs.nextmillmedia.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.flashtalking.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
tr.blismedia.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
ad.atdmt.com
ads.servenobid.com
103.229.10.211
103.229.206.241
103.231.98.194
103.231.98.197
103.3.63.48
104.119.104.208
104.16.88.20
104.18.102.194
104.18.12.76
104.18.18.126
104.18.19.126
104.18.35.11
104.19.158.19
104.19.172.108
104.21.41.253
104.211.156.162
104.254.150.228
104.254.151.36
104.26.2.91
107.178.244.193
107.178.254.65
119.9.108.191
124.146.215.42
13.107.42.14
13.112.222.132
13.112.54.241
13.213.209.254
13.214.106.63
13.33.33.38
13.33.33.43
13.33.33.86
13.33.88.20
13.76.45.37
142.250.4.148
142.250.4.155
142.251.10.155
142.251.10.156
142.251.12.102
142.251.12.148
142.251.12.155
142.251.12.94
142.251.12.97
143.198.114.225
145.40.88.5
150.136.26.45
150.95.47.241
151.101.130.49
151.101.193.44
162.19.138.82
169.197.150.8
172.217.194.132
172.217.194.94
172.217.194.95
172.253.118.154
172.67.71.254
18.136.78.69
18.138.18.111
18.142.166.252
18.142.38.64
18.155.68.101
18.176.21.36
18.176.32.10
18.179.72.109
18.180.216.240
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.25.220.23
184.25.220.49
184.25.221.62
184.25.248.23
184.25.249.212
185.184.8.90
185.84.60.29
195.5.165.20
198.8.71.129
20.127.253.7
202.131.200.84
202.232.238.37
204.79.197.200
205.185.216.10
209.191.163.209
209.191.163.210
209.197.3.19
209.58.171.197
213.180.193.90
23.106.127.165
23.106.127.52
23.106.69.72
23.15.148.136
23.20.206.0
23.44.0.183
23.44.0.196
23.44.1.2
3.224.71.39
3.92.9.222
34.102.253.54
34.107.148.139
34.149.43.113
34.223.235.65
34.251.200.30
34.96.105.8
34.98.67.3
35.156.36.186
35.186.193.173
35.186.253.211
35.190.60.146
35.213.111.127
35.213.12.39
35.213.93.179
35.227.202.26
35.244.159.8
35.247.47.28
35.71.131.137
35.71.178.8
37.157.5.142
38.133.127.159
42.99.140.144
42.99.140.200
42.99.140.216
46.137.211.219
50.116.239.135
50.16.238.86
51.79.234.101
52.209.60.98
52.220.40.119
52.46.130.91
52.74.101.6
52.74.118.249
52.74.162.2
52.76.92.197
52.84.45.7
52.87.71.254
52.95.126.160
54.168.48.215
54.186.254.183
54.243.184.83
54.69.10.121
54.95.110.129
64.120.88.131
64.202.112.255
66.155.71.150
67.199.150.77
67.199.150.81
67.199.150.85
67.199.150.86
69.16.175.10
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.45
74.125.130.154
74.125.130.156
74.125.200.94
74.125.24.105
74.125.24.154
74.125.24.155
74.214.196.131
80.77.87.163
84.17.37.44
89.207.22.140
00168dcc69e00fc1df0371bbb8114642cfa24e45813524b20da3f8cac9a7b040
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00386a33911d4af07ed9e5dda85bf17491c5b223328eea64f5f10dfd4f2f2cc6
00fb204ddd6b58906c589f9f8fc397dc1942fd3c0f2649347f8f305867f83446
010f899056cef7e818c05ac09694977ca3f46ef565b1cadf682313efe761c53b
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
028a9bb83d9f82aeb1748c31f1b57062fac5aa30ac3e28fe92d9b40315cbd077
0524b5a3077167374dab3f78edfcef847c640882135ed6676147871d132d08c5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05ffca47ecfa965ea69ff5b6b123560d8be63da162be40310b6199c26a6ea3d0
062b1602ee83e62da1e80a3b9fd51f3da905787ca18512843b7708c32b527dae
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
072d26f5111bcf3fee58d188404c62bf1891f012825cfbb39e2590e7b1c79f93
07e0995e5ff39e3618d020d81059c953d9f0e2713b46cf53e945bbb936cb8879
0828d9957490e00ff0b46b40cc0bb3db1cfb49d5adc37145aa58d29de70e8c8f
08a47e9edadf59b0492102ff9bb07ad592cf36b7f564e03245338d69bc7bfebd
08d787deb8e2e00d4adce7b4186d6d50d387db6ebdf00a9ef2ccec1f61797d28
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e43d251a2b34d28c2cf166a8d2a91c216bb48f3263bebe0e7d272721a5e7032
0f00322f86491d3b13755fd4ca62ad36c5810604350d4f78ab872d68bff003af
1016eb418a00e0a7a7e68133b0119198d6ed79e5b48c3d3118af68159717f906
1018f938e0fb55712dfaf088b1295c23bfb178fdb7d7f516d8ae85d9cc00be81
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c48bf924bd5e2b83788394183c974a9b6d05ab89d7949e20f5d053b93258a6
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
173ff1ab35c037a6316d982ee5e6abcf6751c8a39454585401b886a741d3b333
18081ce898c81765e8058fdedff5cbff35a97756c441246c5eb6f9154c7dd588
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b34bac0826242e279bb70b2fc252994383f2f21bfb390b547316e8db4d12b3d
1b69eb69fa598c6231a4ae3544ecf1122238e5cdb8713cc8fc3558709ced3289
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c1c88379825dfb7f382dd516b19d289336c7bde5dc0531baf7d3b85049a39f1
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d83c22da20bdaa17b94ab5767226765854735d420b79bae95c6b8ae8fd2ded3
1e4dc86604b5ed64a6a715f016c3fe788afd2b2928e39b9c0b7b85d2e3878f07
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21f24c1c8d9c305c9ecf5328478aa9db3bfbde3521ce768aaa83b2feba23c68c
22f4941af6306aefae71e8b5312539f2451cfda9ca54aad8b6e77be9e3425c28
2520562822e2185a43e3f762ecaff923a12cbe74e242c9e044edcf45a93b25d1
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
265aa332f8386c4309e4e57fa53f6339e7a281249a2f14d5986b04b2b62eb35e
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27cced65a36d20cb899ce5a31c1177c0da15fbfdac2f875233bcfd34776a1457
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28cb66b28620e11248fe5f9136a9a7d27bc42996d07b46af72c29284aa9e6e26
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
29ba4097debb6ffd4d50f791287e8293d698a3708ff6ce5b9dd0ef189441a495
2d7859177bc7463ff66f115b0139f4397b08c6fd66fc7f7aaa063dd6312414ce
2e052e0ae4262e73b88b5ab9095a78feee72951a25f3f57ab84c81d1a7841965
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b54d37a1b4fc9a81078e43fc2d0a9a7adf95c5a2cb8960716049399b28453b4
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
3c4cdd0ae679d1389631a6dcb08d6d5535a760c0307a51dee25b34bf06680607
3c739ccbfad2a264757c1608cb342f9829a077fad87b0cc079540ab03aeb2412
3d22c559724a407a86ab63ed23f0bb36d44d617ac68ba0bebae9f77e8b37c37e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d70e3564216fc00ecdf7764e6eb5d71c2c22ed86a912a77ee91c0930e38c88
431a58dc58897302880473db8210721f9844aa1e1b0b6c29d9fa3b602ff645e0
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
470a967605af93705852871bcaca3190beb24b40dc6f3ef9e50357435cd5d81c
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcb5c7672cd5053446fc242301e36a23898d0d5769f8d0798a04f92e71775bf
4cef27a2b3fd4003a5d5dbed0ca8e017902a6d2d454b6ff09ad119ba81f1b520
4d335a4f3b8eef7ea04141f851f67284af42c7b44cc22e250ee42aac9920b819
4ddad28860124e8c7f53ec0a14b1b67f9e9fd9fa8c7e083ba457d180409b45cd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0b3c6f49a501f95b830a10dee3fca97d1c3d0cf8f9ad9b2047a297c641e281
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51bafcfe72351c0af2fe51cfc7bee6b3ae0e8f1219d73f9be0a706a76c94c494
53b2d93227aed1e39ad5c0baf449453d05567d303cd2b62af280f056a9d04fd3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bcf47939a0c3c99b6e1c2ffb850422ef83f6f95f3b74bcad3b280851eb40c2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57693f6e885b217c09e19455abe482cd4d46355ac3c7804f4f3007b75dc6de62
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58ea98b4e76498e7001c9b66d100f0131797cd456bdaff0c8383e5b360a66dc2
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
5f95b5ab38cf5c6b6ac98665021e6bc6a48b3959e37094b613a4a911246a27a1
60124fb3ef6c2b27a806f40c62188fb221f02aa9b4d1ccaf371767ea08eba2ee
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
6132ba6965ed044c97dd0d0a99da4f3174cc6fa8ffc693bf420cf16e655415b0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630d602b744d1fbdd2dd125e51b2581743ba230c89578c0c566ba7a27b2b5764
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66498b10bbf56b74295f601204470a512442489d5ff5f45a198a9d41ad6d5dd7
668fa45c3464bd338becaa929e58d375220b16a16af35768f2fa8045325e3ac8
6a61e335ab8e4e993b7fafd831c9f31249d80b8fb5c9cb135e4e08c8233749bb
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d842a22c232b53ec7c74bce56df579e3387709608bde51b4c1f72667821d596
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
6e84f3de4b97a001be90738b65e057db0d5d00b55c3969a28146e69441c0d4be
71456dbfbeaae91e6b16e5e116a17873e3be7cab776a756df4789a46e1aae83f
7149cdc8f8106ee38eba6bdf744e4e861973d7320ccf789e6844f9564dee375f
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
78bdc0c4c6911e0c65402e638405914c6ae93b8c4a39e6081a117e0b3727a344
7910995fe66bbbc80af099fa2dd67f65d522840829671238ea2786346c05d84c
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a213b4c50cc8726cf59286f0c62929335cadb63f22eba1336362bcace532d74
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7e2ef08179686d02e267a482231d04074dd2df1d11abbb22b085a5a9a9973efe
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
7f4e74aed850dea303e67ee0acdd4227477000d36391736273d4bb5db9acd251
80c1ec4610c6aa9a75f0d1b695d02f8c6df3fa4408f22650f00631840e4ed4a6
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83502e3e2d5c3de417af7c8f994f334ab7d80170f764201ef2e8167819afd960
835ef3e017fafb96a3e030ddf85ddd00483d3096922bc0334a36ecba61e2c53e
837945ba8481c74c635f622d9a07572ad7c231493893bde3996a9c5c7ff3aeec
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
857f6334cc515a921f6fafb0c1593db4f159be579213395388a0736a8e04d9f0
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88455c9e51c8fdd216db8cfa62f5179eaac2c25076b277ca98fc5a18f59493c8
88b9dba27157f5c56ac539bad88dac0b11f98bcff4e40bc0c6b24dc5a59ade35
8972d0c800648a8dea7abcc52b7f5761067765b08bf1bc940246f7b279d737dc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2f0234ec72232e4ffb1970a905a68bdd33d13eedc36767a6032241ba074e04
8df86175b747d53516e49ecbbfac5409c4bd4e14dc3333bbfc5149ef755dfe4e
907340577a2237cf39b2d5c2451b83bdfc665f4e19cb2ec906c92cab2fea7fe0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91f65381a2e3931a336f89ff44478d5ecf92e49d1e8d4f5c12f95bf47037a88b
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98a65e9ad41e5e4582d6013091bac9d7cdfe8c93cd3454437ff75df748fe509e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abc20494d311ee34ff13a7a4c20fe9511386380de1fbd9de716ac693b193cd1
9b25ba5eb1422c9f8c8d2cd239ac3d161817b9a432fd5f790fe57f07ac07add8
9c97ee51e20f22a8083a18d417c52014fda7e3cb9f060e66b6999e8bbf282498
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9fcc897197316a84c3d467aef4a6ed8f6e984729e6f1e10c3b8a3c919147fd6b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a168042ba9f591623b31c57fa168fdaffc16eef612ef857bf51350d863755428
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a33320ac5c063e9fdb04f901ea7a049315eec40d0b660cac38ed383cfda422df
a38dfd96a98abb4bab17b72abc5451de3c9049d112f49f6cbb981b34b2b20dc6
a43a9f13209c31f8144a0001a7246a7900addbbde94931a8cf226607c172bdf4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a673cc4b8d035afebd4faf1a62394d9919e23b2ffd552aaca01928dbe519fcef
a6c58614e73d738dba666a259861dbba24249fd22951ef20a746e7ff1fec61be
a6ece208276d94708f20cbfa92fd3edfa3e425e88352ccfd168a6cc25952c2ed
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a767a533f3ce1f00d117597e43d0b91638d73bf94ad763e63886bc4c1667fd7e
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ac2227e87edf050a6e16cf84350a83ce65e3758e0603d843d8df01e5165a40e2
ac7558531e00029e2a046a024f2d9ed89127f3f2a48dae2bccfc5b3ae50ace56
af9589c20e3f1b1175d81be3245a0615b694ab8d0e45ef15a2872f8379600db1
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b019fcc39df5749553d1a50d8a582587cd5a9d8885729de26e56d296308c9509
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cff579f33ba53d412d862e211bbb38117465e346b143d6c7bd56f90eec4098
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b626e525becd9c321151bee2d4e9e70fcf7873f4418c3fcf92359fddf0cf51fc
b6e85d7e4185e55b31c1b1e8fdbd03d7eefbc2a71efb773a4f19692baf91de00
b70cc9f1a2d7f477e54b9b2e3eceae9789ca29a5328c540e2a394ebdef461a60
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b7dda865117dfc8f7ed06feab6dfccc844b98a6cf8a7d889cadc444072a93b57
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcd4157c667d079f655297fad3b479f06a29fb4a8d289388f37d7ed20f897370
bd268d75b1713c916d922c2b680c1abc348afeb111991f07817c635c3e48bda6
bd88e1a1cd41009382185ba0f0ae4665b76babc366721247d240c6319813edcb
be7b95cc48a195f83a9400096043ea50a9e655d706701a9fd76ec58bdf06eb75
c0eef3f02520787922a61b1cf8b5144068461152c524d4f1a34531df210d3987
c1ea13ce403943e70795dffe2984dc0afb1ba5abad8bee8b220f7613204fbca1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2248f95c537cd8360d5e9788a9df7b4cb74f79ffc4a1e840034acfca461dc58
c23465d5bff08766dcf268b88e13461c6ce4d0c7f5d697598944b8bc437bb29f
c2e9c7209b8215c5cddc6d22ffc14d2c0e203faa0e3aed8c1b13b272ee57cdc0
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
ca2fec6d9168102da4b08fad54e45776c3ac91fead7a22ffbf0ff78c37e05b2a
cb320cee1570ac7bbadd0ae6117f046aeb5ceae569a71716b8c50131455c701d
ccbae705aa2242b513627bb80ab6c5932caad5482e38a056cf633311eb9b2069
cdf163c0556d874f8f7114a11a4ffea5859d081dc12cdbbb756ddd9e1e190935
cea81b8648d319c75d62661bfef39912a4c7fc891045b5d1426bdbf94c99c9ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20adf76c715169e72fb1fa7b38d824d44750ee988ce2c7d0e6555839d1eed81
d28e123f7f7d07714e7a28414bea9428b46e519167a39e735d445b51c1499d45
d4e3c54c5ac26bef3bda87a9571e08ff3d7e32f0499ad698e61b9f85fe262605
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
d74da575f4e334741bcbfe7a2ac482930ced39399e1801e20311a60074cbc9d1
d8e22455bbcacff9efa92b641e802640b6292cf6e2cfc86d64430340edad5051
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
dd8f713d63f116362513cc6076ff43e88645605ef40a3c906a8af327f36f616f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
e03de9e1486226dd627695c66b4752d8db63cf395ab33e804441b221b75a75ad
e1cf5dde896e99f9fed685c4bedbeb9ef7263b2152cfebcb401a60c0e27ea9de
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e63b8a63c18e0e776cd511d1dd4b305d87699e5f0988e4eb7e71217d4d8d7e09
e6bf39944e3e29b92c35505da881c01d92f105ad961aa372b00ba8bfbb9d9df7
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8842f00ecffd8f291fb0c11b2a46ba25b35462b7cb6c2d86765bff54fd273cf
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
e9f7ee4f72ff576cf6fe4f7be74f474e0926110379781727785f23ad2203610b
ebb7ee4cc5c564875b3dce6bed1c6e0581089f58d19850152004fc94c6430def
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eeb9f7e7c0d3259e8a4f85cf080c953033de6c185f77ff08a3dc2d6088a49a64
eec9eeb81e84c0a674b5ffe7169608730f273b4575744066c382ecfeb242ca87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efea86161d7be5a95315a2ef8adb1551a064063f3272a3319746d8ac3e380bde
f02c5bfd1552e5ae37ca5c520f5ba626ce7c63338edda5ef59b0a3576579be4a
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f2867f449fe076e59c937c5077d34583e68348e51262cc9912bb642366fb7ea4
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f76ea38e84200d83685c8379ccdfea6a34b8ea9e55ac5ca58e34fd42b03be825
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8283ec012561d3d3588538f7d9ecb43d1f9c7d2bdc7db8a6b36b1b8c0b768da
f9524d8f1807bf488171ae337a05fd08898c2acfab1408df2e33b700f80ed9f6
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
fac37ff48ab0104b1ba7f65c02788c4228f1a7c59a20ac51288aee22fdb54787
fad42c0216700bfaad06e635ef9c821d454f775372ec6c4b2c76a35740dba318
fad6ef782cd3a0830d5705844a62753cad43e938dfc153f12264587de37686f0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e