URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Submission: On August 27 via manual from US — Scanned from AU

Summary

This website contacted 61 IPs in 8 countries across 55 domains to perform 318 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 74.125.24.132 15169 (GOOGLE)
1 3 64.120.88.131 133752 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
32 104.26.2.91 13335 (CLOUDFLAR...)
1 41 74.125.24.157 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
9 74.125.130.155 15169 (GOOGLE)
1 172.253.118.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
13 74.125.200.154 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
2 142.251.12.113 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 46.137.217.248 16509 (AMAZON-02)
1 145.40.89.200 54825 (PACKET)
1 52.51.145.107 16509 (AMAZON-02)
6 35.244.159.8 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 51.79.234.100 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
1 104.254.151.68 29990 (ASN-APPNEX)
1 135.125.163.79 16276 (OVH)
3 35.72.150.84 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 23.195.153.54 16625 (AKAMAI-AS)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
3 20 172.217.194.155 15169 (GOOGLE)
2 103.229.10.211 16509 (AMAZON-02)
2 142.251.10.156 15169 (GOOGLE)
3 142.251.12.157 15169 (GOOGLE)
3 52.84.251.100 16509 (AMAZON-02)
1 13.227.254.108 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
25 142.250.4.132 15169 (GOOGLE)
1 182.161.73.141 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
1 13.227.254.119 16509 (AMAZON-02)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 172.253.118.132 15169 (GOOGLE)
3 182.161.73.135 55569 (CRITEO-AS...)
1 182.161.73.142 55569 (CRITEO-AS...)
1 172.253.118.95 15169 (GOOGLE)
3 74.125.24.94 15169 (GOOGLE)
14 23.36.252.26 16625 (AKAMAI-AS)
2 42.99.128.160 4637 (ASN-TELST...)
8 23.195.152.23 16625 (AKAMAI-AS)
2 10 142.251.12.147 15169 (GOOGLE)
1 23.72.44.183 16625 (AKAMAI-AS)
3 104.254.148.251 29990 (ASN-APPNEX)
1 1 104.45.178.220 8075 (MICROSOFT...)
2 2 64.74.236.191 ()
2 2 67.199.150.81 62713 (AS-PUBMATIC)
2 2 209.191.163.152 14744 (INTERNAP-...)
1 1 35.186.193.173 15169 (GOOGLE)
2 4 74.125.24.156 15169 (GOOGLE)
3 4 52.223.40.198 16509 (AMAZON-02)
1 42.99.128.170 ()
1 151.101.1.108 ()
1 182.161.73.136 ()
318 61
Apex Domain
Subdomains
Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com
ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com
662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com
1 MB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
535 KB
33 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
2 MB
23 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
332 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
433 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
6 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
e3.adpushup.com — Cisco Umbrella Rank: 17352
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
231 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.as.criteo.net — Cisco Umbrella Rank: 14815
csm.as.criteo.net — Cisco Umbrella Rank: 15360
276 KB
8 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
2 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
cdn.adnxs.com — Cisco Umbrella Rank: 1411
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2090
acdn.adnxs.com
61 KB
6 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
u.openx.net
us-u.openx.net
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 30153
ads.as.criteo.com — Cisco Umbrella Rank: 15131
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15082
gum.criteo.com Failed
dis.criteo.com Failed
43 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
2 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
3 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com Failed
secure-assets.rubiconproject.com Failed
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
res-a.akamaihd.net
25 KB
3 gstatic.com
fonts.gstatic.com
62 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
44 KB
3 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
3 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 634
ads.pubmatic.com Failed
1 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
1008 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
11 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
407 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6246
623 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3963
464 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
5 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 277114
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
663 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
360 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com Failed
626 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
518 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com Failed
504 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-984379383978768384.ampproject.net
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 w55c.net Failed
pm.w55c.net Failed
0 1rx.io Failed
sync.1rx.io Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 ladsp.jp Failed
cr-p3.ladsp.jp Failed
0 socdm.com Failed
tg.socdm.com Failed
0 turn.com Failed
ad.turn.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
318 55
Domain Requested by
34 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
adx.holmesmind.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
32 static.bg3.co www.bg3.co
25 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
pagead2.googlesyndication.com
20 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
12 googleads.g.doubleclick.net 3 redirects cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.bg3.co
11 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
u.openx.net
10 www.google.com 2 redirects googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
9 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
9 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
8 contextual.media.net googleads.g.doubleclick.net
cdn.adpushup.com
contextual.media.net
www.bg3.co
8 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 e3.adpushup.com www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 match.adsrvr.org 3 redirects cdn.adpushup.com
4 cs.media.net contextual.media.net
4 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
4 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 lax1-ib.adnxs.com cdn.adpushup.com
www.bg3.co
cdn.adnxs.com
3 fonts.gstatic.com fonts.googleapis.com
3 pix.as.criteo.net ads.as.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
3 adx.holmesmind.com pagead2.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 ap.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 b1sync.zemanta.com 2 redirects contextual.media.net
2 warp.media.net googleads.g.doubleclick.net
cdn.adpushup.com
2 qsearch-a.akamaihd.net www.bg3.co
cdn.adpushup.com
2 aplogger.adpushup.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 onetag-sys.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 us-u.openx.net u.openx.net
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 gum.criteo.com cdn.adpushup.com
contextual.media.net
1 res-a.akamaihd.net www.bg3.co
1 ius.ctnsnet.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 cdn.adnxs.com cdn.adpushup.com
1 662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com cdnjs.cloudflare.com
1 csm.as.criteo.net ads.as.criteo.com
1 934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.sg1.as.criteo.com googleads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 ib.adnxs.com cdn.adpushup.com
contextual.media.net
acdn.adnxs.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-984379383978768384.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 cs.emxdgt.com Failed contextual.media.net
0 rtb.mfadsrvr.com Failed contextual.media.net
0 x.bidswitch.net Failed contextual.media.net
0 dis.criteo.com Failed contextual.media.net
0 pm.w55c.net Failed contextual.media.net
0 sync.1rx.io Failed contextual.media.net
0 ads.pubmatic.com Failed contextual.media.net
0 p.rfihub.com Failed contextual.media.net
0 secure-assets.rubiconproject.com Failed contextual.media.net
0 cr-p3.ladsp.jp Failed u.openx.net
0 tg.socdm.com Failed u.openx.net
0 ad.turn.com Failed u.openx.net
0 eus.rubiconproject.com Failed cdn.adpushup.com
0 eb2.3lift.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 js-sec.indexww.com Failed cdn.adpushup.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
318 92

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2
2022-05-20 -
2023-06-21
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
cdn.adpushup.com
R3
2022-06-29 -
2022-09-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-16 -
2023-04-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2021-10-21 -
2022-11-20
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-02 -
2023-09-02
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.a-mo.net
R3
2022-06-18 -
2022-09-16
3 months crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2022-08-26 -
2023-08-05
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.com.au
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2
2022-05-19 -
2023-06-20
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-02 -
2022-11-01
3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-06 -
2022-10-31
3 months crt.sh
qccerttest.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-26 -
2022-09-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
www.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh

This page contains 48 frames:

Primary Page: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Frame ID: 4FBEE8BA46FB683744BC416CE4398F06
Requests: 111 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 142A4DC8807C36B188ED1BE8A7F18650
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 116BECA6AB6088CE3041CC9B7E6E452C
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 923D3A2BDBF51C0C67D59A4CAF86EA2F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C3324766A9141B986E36325B095D846E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: B4E56C74757D5566249300106C63F056
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 9EEDBF820CD073B78C8767F980A0CB8D
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: F9537B86FD8346D57CAE8C38097AFBF5
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Frame ID: 58AE9EBD184F97D6C93DC34933E8D85D
Requests: 18 HTTP requests in this frame

Frame: https://934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AA68B0D9CF1E57DE028B99256B21EEC2
Requests: 1 HTTP requests in this frame

Frame: https://ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 09733FEF356AE4B36675495F8EF38FA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Frame ID: E0581FF748AD7D838D7CF89385FFBA4D
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Frame ID: 0179E50F6EB401331477A21DC0A0B96D
Requests: 8 HTTP requests in this frame

Frame: https://662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA1F3BE635276AB9A1AEFCBCF51A29D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C03fNchYKY7aiL9eR_tMPyuOR-AGs1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0OvX8AZyXsRgG2CachGk7697zLD9SOc-7I6WS1UkR9uVSi9WsMMHjWGGirG6g1ISvAemOt8c74C7qg6b-CC88q_XtrbhhTRhGBAxxWbNizWtPWU5jtQ6uC_tHin2rgyIoMA5ZWbr56iiZXjxsv4ChMkjknIRGecSb_OhkSWSLiNwuxrkJXjsLxR0W4pCPexASekHUoA7Rd3CilmiCTW5wpKmgT2A9REt7WVbTf_eyFdM-c26MC8z8_-LCFLNjFnleFIDE2WNxmW19-4JkchtNxAAi6GABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=AFfvNZXi0Dw&uach_m=[UACH]&cid=CAQSKQCsnQUxj9rI2Wv6GHZAjUXFG6Fqu_O6WaFHbtmJ9N6wKAg0WlEnQr2zGAE
Frame ID: D953F3AF7ED0466D994048C03C4F761A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: D227601A0BBD4FE4F31335F41AF74389
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: AD8B33D2369BE38633A21B65ABFAAB3F
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 77653743F698FEC313DFDDDF60E34A55
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRW-rSYc8kTIqDcIe1qHbRpMrsCh-RjnlYH_uN7-ux7A50c0sLGicS7H5mbM-6nRCOJsOobFZB3B8IjkfhT6mWT4LI3c3u9Qqofr_72Rvf_P3g_X8c_vu0sKpNSz6hTaJIRhoPqv-z-5s5M7aEuwWq5DenjiPZWROT6nsfs0muVvgd-2ilQ3tEki8D0OJwNidZ94j3c4llTrrV4HG5-ZZBaULQ228Oh4v2grZybaKKJvOMeNfwYwyKe_JGYu4Fs3XqPJLuwqhpWZ5ZRAS6rB8TczgFGBjOlN4gkXklp6mthaoXLahwiM4BJQ&sai=AMfl-YTbFOV3sHpXrSwGo8QL3WzL9HUU5TOpYLtMSHVi9pH3GvxvYHZVAmYhCX6ye25vmGispwhQ0RImb3hdm0CyFumCc9D2tdw5hK0Xqgegyt_AgQE395DM72qUpem0nQ&sig=Cg0ArKJSzOM7e656n_qKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B136F5D953656DF9B6168D1783A6D8B1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491651&bpp=3&bdt=465&idt=295&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=1605525451437&frm=8&ife=1&pv=2&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ynnhoub56t0m&fsb=1&dtd=316
Frame ID: D7FD6CC488F763DE91353E5A2526218C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491654&bpp=2&bdt=468&idt=332&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1605525451437&frm=8&ife=1&pv=1&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b8wzoz5z7vhe&fsb=1&dtd=337
Frame ID: 9F7CB1D149043D5BA262A9DAFA4CD3B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F4725B7A483B0BA4BE0E85238B90164
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CB6D5F5D15BFC0136AE8123A42B6F620
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEDD5B21C9FE86745F8B6D813DB5E857
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6BDC4777526C19C7ADCCC2BE2AAF4DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5896E46A64F08CE371A56AE85ED2A90A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C57CEA2C5017458D91EAFF543DB8BB5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07AC55728C584542B20BC562A5FD6015
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2B89C8F642899FB8E4404A63AAC89EA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: C65BE921CAE1F1A02FC2ED7250F097F6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D20D14C5BE58323BE0AD4A12F442A6F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B64EDCDD6150BB662B6CA8A81BB41F07
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99DAAE28EFE8E60E6D4F360874CECD4B
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C18C97C4C841D7F4AE5F91D80B08C1FB
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9E21C050435838B65141CE5378F23570
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3CCE3339C001D8E60C5BB5DD3EFDC082
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2BF532704938116A43A90C853E08ADC8
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6BD553FBC610AD7A25559EC04C4D22DA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 862522CD73228D68E3591AFF54E26E8A
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A2E607416A9EC42057C0D786053582EE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661605488670
Frame ID: 31CA22C70EB6CA9FC0847ADB7A1048BC
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 299FA368FEEA0B401E531114BDF1737A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 2A8149DF291023E0863D1CC5517C6CC4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4B98D98A62D136A92695B1CA9AA8B3B2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 24C88EABEC4794A6E139B491AE79B8D8
Requests: 7 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Frame ID: 6AF0B83D82C1CE818E487903949BE48A
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Drkt%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D%7Buserid%7D
Frame ID: BC5230D05DB6F8FB13E21463490967DA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dpba%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3DPM_UID
Frame ID: BD4F5C7BD7707DAF5B4AF3E6460AB4AA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FRETTE春夏系列寢織 上演夏旅紀遊 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

318
Requests

87 %
HTTPS

0 %
IPv6

55
Domains

92
Subdomains

61
IPs

8
Countries

5701 kB
Transfer

11701 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605487975&bpp=14&bdt=1468&idt=583&shv=r20220822&mjsv=m202208240101&ptt=5&saldr=sa&correlator=6098308937653&frm=23&ife=1&pv=2&ga_vid=1143735976.1661605489&ga_sid=1661605489&ga_hid=185729078&ga_fc=0&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2577654277&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152%2C44771547%2C31068920&oid=2&pvsid=2515766910733113&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ube8dqie059c&fsb=1&dtd=606 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 108
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605487992&bpp=12&bdt=1467&idt=648&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=6098308937653&frm=23&ife=1&pv=1&ga_vid=427906467.1661605489&ga_sid=1661605489&ga_hid=353131747&ga_fc=0&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=10261&biw=1600&bih=1200&isw=336&ish=280&ifk=3041648624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069064%2C31069151%2C31064018%2C31068920&oid=2&pvsid=1502617573038382&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jum5nkv6ooca&btvi=1&fsb=1&dtd=667 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 159
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490244&bpp=12&bdt=303&idt=409&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=1605525451437&frm=8&ife=1&pv=2&ga_vid=1786860486.1661605491&ga_sid=1661605491&ga_hid=459548624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069082%2C31062931&oid=2&pvsid=2976872081566487&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6y0efhlv1njf&fsb=1&dtd=426 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 231
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 257
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=1&google_push=AehlK4BLyCZhdCMVfZVZrlm-J1HwTyUpMrBnIDFkzIxn1p4nZv1wANYkklAkKKUOLhXQjllPcKZNhLDuLqQgdgUYJCgwQbmuShh4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmEyNmJlMTYtZTIxYy00ZGRlLWE0YTYtYWYyZWQ0OWI1ZTcz&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=1&google_push=AehlK4BLyCZhdCMVfZVZrlm-J1HwTyUpMrBnIDFkzIxn1p4nZv1wANYkklAkKKUOLhXQjllPcKZNhLDuLqQgdgUYJCgwQbmuShh4
Request Chain 258
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA5C-L181hRvA-kUEm4WmiE&google_cver=1&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA5C-L181hRvA-kUEm4WmiE&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs&google_hm=bVduTXh6V0lXamNSY3JFejVueGs=
Request Chain 259
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN4Zk0F7a6A38veVNfpDgDA&google_cver=1&google_push=AehlK4DnFUQk4wbtfgbFOOqD9jD2TROUyaGnkRtuHlEgagYjkUwZPCXM0JPju0CdqeYQujhSN9synLgJVbV_GsVEylxxEXMrql-- HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN4Zk0F7a6A38veVNfpDgDA&google_cver=1&google_push=AehlK4DnFUQk4wbtfgbFOOqD9jD2TROUyaGnkRtuHlEgagYjkUwZPCXM0JPju0CdqeYQujhSN9synLgJVbV_GsVEylxxEXMrql--&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oqTH8GzVRRKN_6EpfIT3TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DnFUQk4wbtfgbFOOqD9jD2TROUyaGnkRtuHlEgagYjkUwZPCXM0JPju0CdqeYQujhSN9synLgJVbV_GsVEylxxEXMrql--
Request Chain 260
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_cver=1&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOSzLnS3EpFueXrr64xnMOduJvsnuxt9Ih9ZvQVoBseP5srGIaApf7gLEji8HL3Tbt HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOSzLnS3EpFueXrr64xnMOduJvsnuxt9Ih9ZvQVoBseP5srGIaApf7gLEji8HL3Tbt&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_hm=YwoWdcgTHpa4MY_Qthh88QAAA00AAAIB&google_nid=index&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOSzLnS3EpFueXrr64xnMOduJvsnuxt9Ih9ZvQVoBseP5srGIaApf7gLEji8HL3Tbt
Request Chain 261
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEClu3fJO8H7AfnuJhEE5oB4&google_cver=1&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEClu3fJO8H7AfnuJhEE5oB4&google_cver=1&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c&google_hm=FN0wBGZHBZ1CRQpZSYWmhGjd
Request Chain 262
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBlEfmoRojelpEWjhS8yGno&google_cver=1&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJI39qiobCYyHRiMx3z4jyz7a6z1O4VhA6r5Dg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJI39qiobCYyHRiMx3z4jyz7a6z1O4VhA6r5Dg&google_hm=yJx6PwuOQBakUFCLqYOWHaA
Request Chain 263
  • https://an.yandex.ru/mapuid/google/CAESEO5aT6Pe2U1Fdld7kUIuFfw?ext-param=AehlK4DvMUZggNsLX4fAEE-8NAubUnUNLZ7k7Iv7wDApXu5wotM7YwqImivH_ZoCvX5X8SAHubXnLJCyybfaA5dSJFFzJbaB_zz9lg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEO5aT6Pe2U1Fdld7kUIuFfw?redir-setuniq=1&ext-param=AehlK4DvMUZggNsLX4fAEE-8NAubUnUNLZ7k7Iv7wDApXu5wotM7YwqImivH_ZoCvX5X8SAHubXnLJCyybfaA5dSJFFzJbaB_zz9lg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO5aT6Pe2U1Fdld7kUIuFfw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkyNjgzNTI2MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Request Chain 267
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=66eb5718-c2c5-41f9-847a-03a744a00fbc
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkzNjgzNTI4NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkzNjgzNTI5ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Request Chain 299
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 304
  • https://match.adsrvr.org/track/cmf/openx?oxid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=66eb5718-c2c5-41f9-847a-03a744a00fbc&ttd_puid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0&gdpr_consent=
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIU0ei6o5MVEs-35n9Y5400&google_cver=1
Request Chain 315
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dopx%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3046070936835270000V10&type=opx&refUrl=&vid=16054946553046070936835270000V10&ovsid=f846762b-e96c-4d24-8161-1f46cc6de990

318 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
www.bg3.co/a/
59 KB
17 KB
Document
General
Full URL
https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
62303a8bdeeab2dd019e885346daaf8ede1130860dc8a81015a24b1d45c0668a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 27 Aug 2022 13:04:44 GMT
ETag
"ebd8-jtYoA6JwgWwAqQ15biNb+1mcgeo"
Expires
Sat, 27 Aug 2022 14:04:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
276 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72591
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 13:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d68ac0b6f7bd5a0e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Aug 2022 13:04:45 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5c6e81664d4eceb22dec97dcfdf650d9043fe61c43c6a0bcfb8cb545a3bb6317
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9674
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 13:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c8d982af404eb30c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Aug 2022 13:04:45 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d1555f710e3e03e1b2a96c77e01a8d363d3d2617884e6a42f2dd7211c1b4dc07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7577
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 13:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ba4554cc3d824f7e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Aug 2022 13:04:45 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
cbcdb4c75801db2fc6e6686038fd68c3512f262c3e256ef1df50978975a699e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32017
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 13:04:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c18a359d5e98957d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Aug 2022 13:04:45 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
42 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:35:40 GMT
server
cloudflare
etag
"62de55dc-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyhvo8c7CR%2Fo1e2gDsAUA7GUgDjgXcDyzd%2F5MbsGSAPb2Eg%2BVEbudWpVci0tBl6rQtoJgmk2Ud9ni5VH0UJLaoK8A3uCokUcZDCRqUaCTUwM7J71uvCOi691QQAp6spzwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
741503d19dd8a932-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/
35 KB
10 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:45 GMT
content-encoding
br
last-modified
Sat, 27 Aug 2022 07:00:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
9527
expires
Sat, 27 Aug 2022 14:04:45 GMT
adpushup.js
cdn.adpushup.com/42753/
514 KB
119 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:45 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 02:59:53 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
x-cf-geodata
AU
content-type
application/javascript
content-length
120977
expires
Sat, 27 Aug 2022 14:04:45 GMT
jquery-2.2.2.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661605486.dop009.la3.t,1661605486.cds216.la3.hn,1661605486.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
b33f8087b3247f317bd0c2c43f2de942.jpg
static.bg3.co/imgs/202105/
72 KB
73 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/b33f8087b3247f317bd0c2c43f2de942.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968de6d4e2b0a1aab3bbec4ecad8ee920c6dd1fb87a7d96965c34aa75dd3ddf8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 13:19:49 GMT
server
cloudflare
etag
"B33F8087B3247F317BD0C2C43F2DE942"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwq1j2BzKsYhjaJJIQyYmrClS0xMbUfYag5pKa3Vp3z07anD%2BDblK8LErUCZqbvSQK2CTWvzyxldaITVkf%2BZIO42fzqsoYuCjbcZaGi4tQQrWCFeLKVA%2FmyKCXbS%2Bgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdda876-SYD
content-length
74197
expires
Sat, 03 Sep 2022 13:04:46 GMT
ce011b572b1b7965d8efd93faadf25a7.jpg
static.bg3.co/imgs/202105/
646 KB
647 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/ce011b572b1b7965d8efd93faadf25a7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0346ab5a96c6a4791857bc561062e9fc4a4da217e313a346301a3cca9d4d4e92

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 14:40:56 GMT
server
cloudflare
etag
"CE011B572B1B7965D8EFD93FAADF25A7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqaEff5BdU3BT3pvgZZSBCZ5FAKKJ1SQ%2B6faxgyyaGhVccxoHxxEAOcWvgeun2X4SDIAKR0pw53d93Z9Cr2EihZxPmgIrc9sHod8jpN5xv3BINrbi%2FnSlH3idf%2FJYe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d21d3ba876-SYD
content-length
661123
expires
Sat, 03 Sep 2022 13:04:46 GMT
f1c4fed815dcc15e356aebec6f94de15.jpg
static.bg3.co/imgs/202105/
645 KB
646 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/f1c4fed815dcc15e356aebec6f94de15.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad60e3be7f4d97123ac3615e2f7230d09ac303d67025d91cf12c19777081628a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 14:47:19 GMT
server
cloudflare
etag
"F1C4FED815DCC15E356AEBEC6F94DE15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIfC2z%2FXiIwlXm6epIfvk8n1W9OHCBCwXpEp2BGG2dn2JHT%2FVcLFn0VLCu4w08pEmPxYrfZwu%2ByhT8eW9ZepguFLq269p67dajjrAIEyVyYrpaoogjFG9rB3lM8XKCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d21d3ca876-SYD
content-length
660841
expires
Sat, 03 Sep 2022 13:04:46 GMT
11bfa13cbc48babcecc1d2ceee28b959.jpg
static.bg3.co/imgs/202012/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202012/11bfa13cbc48babcecc1d2ceee28b959.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2cf341750d3b307949d4aeaf4822e6747548779aed9d4e9f251bf0a3741cd2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Dec 2020 10:21:39 GMT
server
cloudflare
etag
"11BFA13CBC48BABCECC1D2CEEE28B959"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsjLClI9rdYiuzkjGok3rjMjZM0R%2B%2BUmFhbjwakNhM9nf65lxUCQ9MVqWxI0Dfp66XFkxkrnnNQbfZgwhEC6%2BEx8TA9UupKXf7AhPGjMl0ycLr3PpiI6Zpub2aakQ88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdea876-SYD
content-length
5333
expires
Sat, 03 Sep 2022 13:04:46 GMT
97c161ea3e7faa241901267662bb44d3.jpg
static.bg3.co/imgs/202105/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/97c161ea3e7faa241901267662bb44d3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93237ed2d3ea7fd72f147acd808dc55ac1645c54d4f75c1aaf6dd5b24c26a75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 15:34:54 GMT
server
cloudflare
etag
"97C161EA3E7FAA241901267662BB44D3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKfVK4I2oTYHErfiGJdSTFZAfn1EIm7HlZdnMYak%2BXc2kGvrI%2FZaRdbc4iYFbKxRtDwzuIwFTMQcgqIJIb2zOk6OYVyyvlhuG%2B5OFJGCozQ0cPeu%2B8Tt79us7IbdkIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdfa876-SYD
content-length
5927
expires
Sat, 03 Sep 2022 13:04:46 GMT
46baff48bead8ee89f648b0ccd091549.jpg
static.bg3.co/imgs/202105/
12 KB
13 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/46baff48bead8ee89f648b0ccd091549.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310d6154eb3b7f4dd01b96460cf6e2c15612455be57a900a85632965bb2f9aca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 00:37:10 GMT
server
cloudflare
etag
"46BAFF48BEAD8EE89F648B0CCD091549"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh5iI%2B1raiEIh1pMieHjRMRlemZZhnsPPeumOohkq51evo%2B3Mppfg%2F8dB7NrQVPIdtO2O6zef%2FlstQMpvX%2BzY0ZfhBr%2FXUPgggZGFdjex8GAOQz2oTI1q7knuFIDftI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d21d38a876-SYD
content-length
12678
expires
Sat, 03 Sep 2022 13:04:46 GMT
7f906eaa3e756d62db07f632c521d1b1.jpg
static.bg3.co/imgs/202105/
10 KB
10 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/7f906eaa3e756d62db07f632c521d1b1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd862efe970dbc8b2bc627771371f5d92be3bb7eadaa95c2b30f5561fd36c872

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 12:21:56 GMT
server
cloudflare
etag
"7F906EAA3E756D62DB07F632C521D1B1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRYbEt3aG2wVwe8zvIN1rfY%2FG2ekZPfv7p8ueqKR0HSxbJ9EkvcEdQypeyIX06mdgLjOqUd4fby2rwaXOND9am04053N1p0KidjICR9AMutPiyEdTm4OlRW%2BN%2BQ9qg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cd8a876-SYD
content-length
10208
expires
Sat, 03 Sep 2022 13:04:46 GMT
0efc66efeb799c8b5f3a16771ed4ed1b.jpg
static.bg3.co/imgs/202105/
10 KB
10 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/0efc66efeb799c8b5f3a16771ed4ed1b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ca3f47ae641ef3f739380d5807f6ff7e7790170c80746ec722cb5809589c5a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 20:32:38 GMT
server
cloudflare
etag
"0EFC66EFEB799C8B5F3A16771ED4ED1B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KF0KsoR3m6cEQZQTW8ibpnoeEX8Cm5%2FmCVfxr1pgR%2Bh5SlDCLnjQmXlimQFJqG6VZdeQsXIo2wYCjs21PGbiOtbh1ltcR%2FrtuZ4aAIdMaWFRMvA9Y3TaRUwJq9sUTsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdba876-SYD
content-length
9916
expires
Sat, 03 Sep 2022 13:04:46 GMT
77d5d5ca842e8e4ac105d82bc9abcfcb.jpg
static.bg3.co/imgs/202105/
9 KB
9 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/77d5d5ca842e8e4ac105d82bc9abcfcb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a4252e292a4f69e01c0ea9b8055c61ef1fb66f59164bcf68c1a7e0cc96f45f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 09:07:26 GMT
server
cloudflare
etag
"77D5D5CA842E8E4AC105D82BC9ABCFCB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFiy95whMtdusJqPldRS%2BKVGKp0DEYzlZRjxuwZAFs%2BqO2X5g8S9MZTGfK%2FqncgpoyFy7pSxXj8ZjjwbVh38WqOtEYginYNyxbswl9vlfrVa3R%2BRGPpattMtNT956Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdaa876-SYD
content-length
8873
expires
Sat, 03 Sep 2022 13:04:46 GMT
9a2d4c27d890021f945035445664f5a1.jpg
static.bg3.co/imgs/202105/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/9a2d4c27d890021f945035445664f5a1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64003cbe1aab2a61268e31c2e1d062ee24c5babd4f205c1879b6534dd2960b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 15:52:40 GMT
server
cloudflare
etag
"9A2D4C27D890021F945035445664F5A1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxdwVUXrxnmC%2Fo37TkMOSw53tEw%2FEOwQ7Wccr9MJqFHUN6dfsM3Gfn2JI7Pu%2BjDhtdb%2FK56BSxTQTjOvH1r4Euf2E2Z0xcmPLBc4uCOU9YSsycN%2BLDMPXR3qL9RqQ%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cd9a876-SYD
content-length
5485
expires
Sat, 03 Sep 2022 13:04:46 GMT
7c04f76621dcf9c860a3b07cefaa2428.jpg
static.bg3.co/imgs/202106/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/7c04f76621dcf9c860a3b07cefaa2428.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68da585bb661e8001ba4c70e8ada2ccc64dfffac368fd8c514d2f1cf2cadcf2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 03:31:31 GMT
server
cloudflare
etag
"7C04F76621DCF9C860A3B07CEFAA2428"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSbDcB3ueDuMAbhb02YYeyNKWLw3KetXt7hRGJFfI%2FnEOrRGSVId9zbloKXxJ14%2FYyAH6a1DqOEa0tQBXagwNmO0ke6l137sDdEZ1sFoGxfUs1bJ66FTcEy%2BUua8%2FDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d18cdca876-SYD
content-length
6650
expires
Sat, 03 Sep 2022 13:04:46 GMT
74eb577e96c18bf430aeae865c6d3023.jpg
static.bg3.co/imgs/202105/
68 KB
69 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/74eb577e96c18bf430aeae865c6d3023.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680a29be3f13a3483a4194555684bdcc7064476c95da922cc011af5b26e8153d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 13:19:50 GMT
server
cloudflare
etag
"74EB577E96C18BF430AEAE865C6D3023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl63YXuKVEQvxfdk%2FZY2ndAW0%2B1O6MNowE2s%2B27h%2BAc8lHGCf0SmnMIe7pQ3Foagxz9M4BWkSnGietRrlznZTFcb%2FIaPjvhNFrr95MQJwR9Fyzn4QEM0N6lj0413wl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdbaa876-SYD
content-length
69908
expires
Sat, 03 Sep 2022 13:04:47 GMT
90ae733672d6cdd22001c0fc731841d1.jpg
static.bg3.co/imgs/202106/
645 KB
646 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/90ae733672d6cdd22001c0fc731841d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f45d8142061f8f4202823f6f63a809d0f99783ef6958407e14166538b80632c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 03:45:04 GMT
server
cloudflare
etag
"90AE733672D6CDD22001C0FC731841D1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aI5ofmZU8he7ulctMsEttr5G7o3BP9FkKx9pi2riIp1wBmHkcrsBG5pHEHd3aNH9RwOnoKkJiUTMXmJcQMRa093OxL1fxALFk2qWek1bvxveHTRwOK7ArcreHtq3kN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdbea876-SYD
content-length
660863
expires
Sat, 03 Sep 2022 13:04:47 GMT
7a051103c1ad2352943b8f5cdb49bd89.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/7a051103c1ad2352943b8f5cdb49bd89.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbe43670adc1b1355a02414c9a7568e7bc75a72c90521dace689a6adc62e380

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 14:39:21 GMT
server
cloudflare
etag
"7A051103C1AD2352943B8F5CDB49BD89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z48PlPSRXAb9iYevmfgSotUk4EMtKivrLB8aEXoxbTE397wHhtvDBlEHSZzF%2B3B0n5hhIAxC8effGfCNjCTWjqdo%2FbgWxpqvgAHqGyX0SkhPI2ulNKB5hJ7U25rCgbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdbfa876-SYD
content-length
6999
expires
Sat, 03 Sep 2022 13:04:47 GMT
2dda0c0d5a4a9a1bfd1dd2f7190c3814.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/2dda0c0d5a4a9a1bfd1dd2f7190c3814.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f1d89a509fe4d5299f212708cfd03ae7987d73a9148ae660575414afdc9ecc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 01:51:06 GMT
server
cloudflare
etag
"2DDA0C0D5A4A9A1BFD1DD2F7190C3814"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6uLFviBu70DhSUwBVZCOgXTz3GEOK8yRnPUdf1y2OEFkUUBO2Of2IbZxEt4%2F7ZLs%2BapJ53IekrCpXrtIEYWwxDkuauNbuEA6dJTvd7ADnLMVbmQsRFRoECmC9TIxBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc0a876-SYD
content-length
6793
expires
Sat, 03 Sep 2022 13:04:47 GMT
1b1dbd980ccd78255a78531a2ebbadf4.jpg
static.bg3.co/imgs/202105/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/1b1dbd980ccd78255a78531a2ebbadf4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f897d8b843023a9b619bea24c98a05bd57dc9771de8f0ab63ef66c0a038ab14c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 03:54:39 GMT
server
cloudflare
etag
"1B1DBD980CCD78255A78531A2EBBADF4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Dz7N1cxDLtLTigRTyQO7vt8JTZNdRqE6s5v8JEPx61zZ%2FnU9HJXdGy0Ta%2BlUr32lNLi57dC1GBHQ78%2Fq3CS2RQVWIXpALMfImwweX8k1LKeODEh5XKmDZ34LsxeP60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc1a876-SYD
content-length
5620
expires
Sat, 03 Sep 2022 13:04:46 GMT
8cd1b0a0db474dba64476728002d2db6.jpg
static.bg3.co/imgs/202012/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202012/8cd1b0a0db474dba64476728002d2db6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2bd1ef66bd7bf19048d1caeb635ec749de0b96f86580bc16242aa9d9f56dd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Dec 2020 14:26:43 GMT
server
cloudflare
etag
"8CD1B0A0DB474DBA64476728002D2DB6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucE%2Fa570dMpvDd%2BB16yQWNosJd9Nv2Nw1BeWKhAmk3ADMbDuhz8b3JKEg2UKdGTW0VO%2F68vMsO9UcjKX9tyDEnJaYuOVxMZWkMYzSEntT9F7OLlq6vKjM3ikaROhhvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc3a876-SYD
content-length
5575
expires
Sat, 03 Sep 2022 13:04:46 GMT
52794e09a03982526d9d009f4af828d5.jpg
static.bg3.co/imgs/202105/
8 KB
8 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/52794e09a03982526d9d009f4af828d5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d22d62449376f9a0b47bab525f433d016f962f7e5507641d25ab86e9f0fb246

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 10:29:28 GMT
server
cloudflare
etag
"52794E09A03982526D9D009F4AF828D5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6%2BQy8Q%2F8p5YyyVU8DRlIKQIa%2F5na%2FN%2Bsfie3EJZ%2Bn166SUOQbUHIDOjCjTwdP7O8vf3F6cQJu8CkMWqtOAySSqaC5aucVLrJNT9B6jUDkN9rILywxiIsLZ%2Be%2BSmdn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc4a876-SYD
content-length
7789
expires
Sat, 03 Sep 2022 13:04:47 GMT
ca4076d8a39737ae1af686e2392bfff8.jpg
static.bg3.co/imgs/202105/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/ca4076d8a39737ae1af686e2392bfff8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c9514d479841e0d951c676a6953e57ae21c38e5600994ed208b8fdf694d199

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 12:12:23 GMT
server
cloudflare
etag
"CA4076D8A39737AE1AF686E2392BFFF8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiQRYsHxfCry4DbuZlsyW5dvS62ovwLQEzwa7SgJZiWWtOlBkDadNmi0b%2BkR%2BOnYwRJOlTQrpCXPeQx4yhW2N1CdNuYVzixyJ2KovhnGLN1vz2tWFL2u5V1qVNAoPqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc6a876-SYD
content-length
6649
expires
Sat, 03 Sep 2022 13:04:47 GMT
121f3dc976ff3aa38500c2402fb0ad70.jpg
static.bg3.co/imgs/202105/
5 KB
5 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/121f3dc976ff3aa38500c2402fb0ad70.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
695071987c12a1ad595b0bff4d16ef2b43401b5bb83bb67a64b854d3089b8ea1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 21:10:33 GMT
server
cloudflare
etag
"121F3DC976FF3AA38500C2402FB0AD70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtU%2FFefYgORvy3%2B36UoMWsBB7J1pi4hCn3bQcoVDm%2BIWgL4s0xArlaVePOsyDM1mabEWy1CaZ5Ne7sAaieKG0E4VbCnAlwKzSfhKck177xOEjTevctcqxO2NHVA3m1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc8a876-SYD
content-length
4951
expires
Sat, 03 Sep 2022 13:04:47 GMT
4e92453405733e4642a1c71e3961605f.jpg
static.bg3.co/imgs/202106/
17 KB
17 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/4e92453405733e4642a1c71e3961605f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b75fc97f12153262c1bea6a3f0a55292f0238da4e4f312946a7482aa128ac35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 17:40:02 GMT
server
cloudflare
etag
"4E92453405733E4642A1C71E3961605F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnIvjulDBEkEvkZjIAh89w3fUTrQCP5atepkRY1Qqpw3VVZH0gZmYdswjwa6msH6E4WYOdZVBqevI8kisG19JeMpDhzSUGAxpIJYqqVt1myXT%2Ft0rAu%2BhrosaCA8ak8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdc9a876-SYD
content-length
17407
expires
Sat, 03 Sep 2022 13:04:47 GMT
98f4f32c56852f11cd468638d3c1c022.jpg
static.bg3.co/imgs/202105/
4 KB
4 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/98f4f32c56852f11cd468638d3c1c022.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a84b4e7610de90beff7f1efea51e39aaf7ca64e3996a2479fc3aadba1601515

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 16:25:43 GMT
server
cloudflare
etag
"98F4F32C56852F11CD468638D3C1C022"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7aiYav%2BwbC3BmGjx0DsWsVqCckgWNWCu3kFYVyzRhnFlRlotVP3uOODFfVmj2labvMDfgtuOke%2BWLSzqvKsEq3aGuIOpXdG0FxKcwJFa6%2Fxq4fBeiyZrk4UMOewlC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdcaa876-SYD
content-length
4061
expires
Sat, 03 Sep 2022 13:04:46 GMT
9653661fe4136630593295e2e08c6226.jpg
static.bg3.co/imgs/202105/
43 KB
43 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/9653661fe4136630593295e2e08c6226.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e01e1a85b9fe90e524e05f308d43d9046322bd507c6cfcfe155a84f04001fb9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 13:19:51 GMT
server
cloudflare
etag
"9653661FE4136630593295E2E08C6226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eMPGNKgE7nTFCpdhJxvQbc3M8C1J9Iu6jJODtpkzx6ZlkqJ0EnNyaeOHH1MAX5W74t2SB3OQV3UV47B7lqACbi6er8Chczpe85KpY77blHoJwCPELiVI8dqY7cJAc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdcba876-SYD
content-length
43947
expires
Sat, 03 Sep 2022 13:04:47 GMT
b1c0807d51d10299be1edcf8dd402830.jpg
static.bg3.co/imgs/202106/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/b1c0807d51d10299be1edcf8dd402830.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45421b1117999f41f0a77836862ef980fced68b7ef2187e52a69f9498c5d0394

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 14:50:51 GMT
server
cloudflare
etag
"B1C0807D51D10299BE1EDCF8DD402830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YydzHgbCI9Hig4K1i0PaJUoUYmUcL%2BiLKL4pmWyO6wdt1gOimS0oVPK2lmwfhBtUGN7VS5uV10cBXtKS8vIGS%2Fpw%2BwtyeMaMaFUjyLXv6RWXe15bavqjKrIPBRBtVv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdcca876-SYD
content-length
6361
expires
Sat, 03 Sep 2022 13:04:47 GMT
0041ca478422b38b113ce0d47e0b1637.jpg
static.bg3.co/imgs/202105/
12 KB
12 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/0041ca478422b38b113ce0d47e0b1637.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b36b1879dbd6ce673a05b43b340a10f4c8232553f0897d9ccd97303bce0512

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 07:45:33 GMT
server
cloudflare
etag
"0041CA478422B38B113CE0D47E0B1637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbYhjsNoodOgwDCa%2FAmkqC9v%2F3KIJUKOEBBB3vrmWdnTIjyisSnt5tklcosrxbKtIyqaLsnh81HvsFgxsDRhPmi82ZR0M7oIsDosVo1rkiUEVT7OLVga8%2BoTFx9jLeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdcda876-SYD
content-length
12415
expires
Sat, 03 Sep 2022 13:04:47 GMT
2382edd6ca8e7b40e619e2f0643686e1.jpg
static.bg3.co/imgs/202105/
4 KB
4 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/2382edd6ca8e7b40e619e2f0643686e1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cafd6b3b7d4a9749f727caa20956e00a703103be6289d325954f03b15a4c1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 16:42:44 GMT
server
cloudflare
etag
"2382EDD6CA8E7B40E619E2F0643686E1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHDBY1mK5OdL0rh%2FOIinTbUkA3qGmFeyoDjgtVO6lmmK0M7VdoWSyyshAseJCnxRWMPd9aMh5Si5wOW4b3kb6xjDFcoyZOvdBd1Bqe2fNnp1dpAmG6jYEmfxKqT8mIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd0a876-SYD
content-length
4198
expires
Sat, 03 Sep 2022 13:04:47 GMT
7225dd2f6eaf597199bdb51f1a0a4e7d.jpg
static.bg3.co/imgs/202107/
4 KB
5 KB
Image
General
Full URL
https://static.bg3.co/imgs/202107/7225dd2f6eaf597199bdb51f1a0a4e7d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce888eff79ddf55f5aec373177d152da27406a08145668aea1e1fea0844e2638

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Fri, 09 Jul 2021 06:24:40 GMT
server
cloudflare
etag
"7225DD2F6EAF597199BDB51F1A0A4E7D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qFj%2F%2FFMm7ZwePV1dFunRJ%2F7JBS%2BTsyR1%2FG9gabV%2BR%2FCcQo4Y0Mb%2BfO4ss%2BD0pRTilx%2FkdUwbNW%2BZkrhez6ggklb3eF2SBNlErJzs%2FUIVpL3M%2FW3jTY5dbsyw9lq5do%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd1a876-SYD
content-length
4324
expires
Sat, 03 Sep 2022 13:04:47 GMT
ffc9d26d92ccbb0db560353fec6d0bbc.jpg
static.bg3.co/imgs/202105/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/ffc9d26d92ccbb0db560353fec6d0bbc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a38aa390f7121eddf5ead56cd065be2d1a21dc1d2849a5878d7f78c6c99dfd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 09:25:11 GMT
server
cloudflare
etag
"FFC9D26D92CCBB0DB560353FEC6D0BBC"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVPOYBgblMJ%2FLPFRGgJ5TT4Yv4s1JY8XaImplT5om%2Bbm8o6L33HVOK8YeK5MykR1dW1XBnV0KirqJbmqZYlIvxryh12hvS5YK6GJ4dNf4jKyaQWN2qRaR9HKEH6OOXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd3a876-SYD
content-length
6480
expires
Sat, 03 Sep 2022 13:04:46 GMT
6e4070720a5af0ddd09c8beebda7e7b4.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/6e4070720a5af0ddd09c8beebda7e7b4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426672611bbbc647117d08bde6639d92d1e87f0c28396dcd455acb8b7b6fee2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 00:13:11 GMT
server
cloudflare
etag
"6E4070720A5AF0DDD09C8BEEBDA7E7B4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nZ%2FfZH9aJa0KFn7Ys0%2B3SMh8V3wj4uJRKUET7CiDqqi5ukTAiChFSU2x6xkTUBLkAYDd1Jep64ak8xU8uVOX1G7Dyd7N5XX3Xe7NmDw%2FHfKIx7X0EcnDRgWJK1cqrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd5a876-SYD
content-length
7049
expires
Sat, 03 Sep 2022 13:04:47 GMT
34bec3a457d192a51f2d5fd29b5b346a.jpg
static.bg3.co/imgs/202105/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/34bec3a457d192a51f2d5fd29b5b346a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0c1c270cb5596a9d3173f7c23568083fc137d184179101e02a54ed205b2853

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 14:08:46 GMT
server
cloudflare
etag
"34BEC3A457D192A51F2D5FD29B5B346A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZFekWw0mvZxRlP%2FZH5Cwa7Ey3pYWJKyabICVuBBtrPLJKpafvl6VbxakOVblluDkevcU3%2BO5xtqfXuG7nDKttLuivqgBTS9cnklaQFzH5gP0bTKMatceXKk6%2FhIrJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd6a876-SYD
content-length
5618
expires
Sat, 03 Sep 2022 13:04:47 GMT
bd1ac52a9b55a45e803fcbe752dde2b9.jpg
static.bg3.co/imgs/202105/
8 KB
8 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/bd1ac52a9b55a45e803fcbe752dde2b9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fee654b0181484237a2ef15cafbb05b9672af9839c16bbf93a7e47b93fef884

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 11:14:16 GMT
server
cloudflare
etag
"BD1AC52A9B55A45E803FCBE752DDE2B9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldBY1uc0u0BCKQMo8yrkhdS3suXVteVs7xJX5eIM3A5PrtcGCug2J3X%2BNUKVxD1DMTvLtcTKJMBd90ngw9hTS5cJ6wFQRjK9kTsDdA0NcvdolMqfyp2TMVcss6sIEfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd8a876-SYD
content-length
7706
expires
Sat, 03 Sep 2022 13:04:47 GMT
bfc9ea6993dee54b9e4d05036d06adb4.jpg
static.bg3.co/imgs/202105/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/bfc9ea6993dee54b9e4d05036d06adb4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a262a5112396b9c0482177af06d68b939c66fcd4600fd6f89467e7131662741c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 16:32:28 GMT
server
cloudflare
etag
"BFC9EA6993DEE54B9E4D05036D06ADB4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z75pq8HGIzMaZj82F0V2Oeszfqqqy7pH88HV%2BTDb1CnyY0qqub9b4ZawnPk5D1ZiwQ8TxUqcA1LQ9U5OU1Akrq4QTxdpCc0pAXXQkIPSKWnniAAkKcbS50UwvAqLszs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
741503d2fdd9a876-SYD
content-length
6499
expires
Sat, 03 Sep 2022 13:04:46 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
740ffa5ffc4ed6a504bcc5f6f9fe5bcd3af393bf1a3d621944bac18722075553
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2995
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:51:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2d2f0c9c768f6ba9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:51:57 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/
81 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6dd09c80d743e5c5e9bd8ab6ceed8f1a48d40e914681043e0cacd30f584ec1df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23065
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:50:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"069ae92740d24a46"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:50:31 GMT
ama
pagead2.googlesyndication.com/getconfig/
5 KB
1 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
4dc189b45c6485c80edecc3b8b60fdd033b1408ec6e11fa940f4ac977a8d8904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a0959a3ef0c2403f6026292415a5ecd2f9eabf8d11ff040609eb8c5d88734810
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:52:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a89096bd4dac0edc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:52:25 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661605486.dop009.la3.t,1661605486.cds216.la3.hn,1661605486.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
865 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4207
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tlqr1aN%2FV0vZcuLVoAYgR3ZBJD2J2v2WDQQwio46Sn7s4zLq24JVBH4b5PvVrmFwuUrWRO0NiOINPjz8Hqj0q1DYjWL6G9Ep9dESOSnessgbohdIJvJXXorZSfMy4fuvsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
741503d39f12a7f3-SYD
cf-bgj
minify
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0cd9528219ef70262bf6d74aaf63531acf8e2ab42f97aa8c3dd16981715c8114

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:47 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0cd9528219ef70262bf6d74aaf63531acf8e2ab42f97aa8c3dd16981715c8114

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:47 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2515030651753005&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:46 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.603344287055747&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:47 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208121708000/v0/
39 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
73cebcd1f01c0af24cf0b3dfdc4989de4feed5f04fc5d399f6096d5194201400
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10236
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:52:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3e723257ea406594"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:52:25 GMT
block.jpg
delivery.adrecover.com/
631 B
915 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661605486767
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:46 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sat, 27 Aug 2022 14:04:46 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/
214 KB
57 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0962992388017b566b3a129965a7dcd3da217015293874236154b9d4613f176e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9de18c3b0ae27e6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:54:41 GMT
pb.42753.1661278076254.v6.js
cdn.adpushup.com/prebid/
342 KB
92 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:08:10 GMT
server
nginx/1.18.0
etag
W/"6305178a-557f3"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
93716
expires
Sun, 27 Aug 2023 13:04:47 GMT
42914044-a16c-41e7-8a0a-54f5cc1d7608
https://www.bg3.co/
4 KB
0
Other
General
Full URL
blob:https://www.bg3.co/42914044-a16c-41e7-8a0a-54f5cc1d7608
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
gtag.json
cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/
2 KB
931 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
231361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:48:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f8ad7a45fe031326"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:48:46 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 142A
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
7fb70ba34e95710c4ca6e83db74f6adf908bb3d2d193c4b4f17b4dbf550bc354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40160
x-xss-protection
0
server
cafe
etag
8275229136962704732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:47 GMT
integrator.json
adservice.google.com/adsid/
86 B
572 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-984379383978768384.ampproject.net/2208121708000/
0
0
Other
General
Full URL
https://d-984379383978768384.ampproject.net/2208121708000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

amp
www.googletagmanager.com/gtag/
610 B
808 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 116B
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
36df198b5853cb6a659189147fadeb7e4a8939bce04a509d7cc8c8d77327ff17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40217
x-xss-protection
0
server
cafe
etag
2503069172447063104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:47 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 923D
714 B
828 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
741503d98bc2a7f3-SYD
content-encoding
br
content-type
text/html
date
Sat, 27 Aug 2022 13:04:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GYirJzwHwuVXWlDTxIU4Yl81FinI%2FveFcB1N4Y4HMPC2hJ7cunwJMMUHSpnMV8Emy5fFpwsVXNXLT%2Fy2w7xU%2FRtpOxau9GOrJ7%2F39ZsLrLAs5xe5HjHbQ0cQoJpqhgsNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:47 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 923D
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1315 / 61 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:04:48 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C332
714 B
835 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
741503da4c94a7f3-SYD
content-encoding
br
content-type
text/html
date
Sat, 27 Aug 2022 13:04:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Fu%2BeEBYI5g%2Fbjivk7pwv%2FCdbkY6PJ%2BT8X%2BgWarm9gzqknfovLaBZY%2FTfl%2BLk2Xy9MVphzjwPMWZ%2F0ZUM41hOZxAKPdfgEumHpkecKIsqhKsQ5h6XRTsgpwGo2b2mKa76g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C332
83 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1315 / 481 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:04:48 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
618 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Sun, 27 Aug 2023 13:04:47 GMT
linkPreview.js
cdn.adpushup.com/42753/
72 KB
17 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:47 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
17440
expires
Sat, 27 Aug 2022 14:04:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1315 / 328 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Aug 2022 13:04:48 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
476 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE2MDU0ODc5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE2MDU0ODc5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE2MDU0ODc5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE2MDU0ODc5MjYsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE2MDU0ODc5MjgsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
www.google-analytics.com/r/
35 B
396 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=FRETTE%E6%98%A5%E5%A4%8F%E7%B3%BB%E5%88%97%E5%AF%A2%E7%B9%94%E3%80%80%E4%B8%8A%E6%BC%94%E5%A4%8F%E6%97%85%E7%B4%80%E9%81%8A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-6-J3JV8ln4DyLWd_OBUk5w&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3599608985417708&gjid=0.4084871595365849&_r=1&a=9983&z=0.8128952852803584&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ Frame 142A
342 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
f635632e2628ccd042ca87a2c91b47aba7e93229144d513527b98654669ad2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123323
x-xss-protection
0
server
cafe
etag
17026045354479992840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:48 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/ Frame 116B
342 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
5c78e1a303886cac32f78421019b58a14d3b74d8eb268802db33e6437d4b7923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123349
x-xss-protection
0
server
cafe
etag
3297474072399627439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:48 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220827
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c03afe161b10b51214f2528481a2d43a401b5df3a5597613e4212348309b8eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36210
x-jsd-version
1.0.1444
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19160-FRA, cache-cdg20757-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"665-s3IXjRy+ej4RLkZJmAwTYJE3iCw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbPHhhCdY3rse%2BwbKMfX11sAq3Ud6JIru3myv4DwvNTxw%2B3%2F4mdwTYQlgbgMsK1Lw9kGjJm8VOatNWVSEugFHd2HQ%2FCCVrzXPXcUwekg4WgKu%2Bc%2B3cKdi9FtWgy6TzfsqcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
741503dde85eaabe-SYD
access-control-expose-headers
*
auction
tlx.3lift.com/header/
19 B
504 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.217.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-217-248.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
accept-ch
sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/
0
518 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 27 Aug 2022 13:04:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/
818 B
626 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=4586
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.145.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-145-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
arj
adpushup-d.openx.net/w/1.0/
174 B
382 B
XHR
General
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ba08bac9-7cf2-4873-889b-e32d74bde107%2C7ca0305b-45b3-4399-9013-b55459cdbffc%2Ceac66a51-84a4-4cdd-b8ba-3a1311239217&nocache=1661605488069&pubcid=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
25fcf0806bf713ff336d57c035de6c134c3df5e45571cae6bc6330e0d7541b20

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
504 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3d1b1d04-6d0d-492e-9df0-50951e5e4d17&nocache=1661605488069&pubcid=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=41857938-9da4-407b-9af9-06b91006f0d8&nocache=1661605488070&pubcid=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=29e63512-7ea1-4ac9-aae8-a91db749e1b4&nocache=1661605488070&pubcid=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
0
0

prebid
prebid.media.net/rtb/
1 KB
919 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e1d89a2853fa4deb7da5d312fc314996980c1e8d6c603fe8aff8b825e451bab

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
102
alt-svc
clear
via
1.1 google
prebid-request
onetag-sys.com/
15 B
407 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
cdb
bidder.criteo.com/
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=31515838111
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:47 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/
48 KB
13 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5d3ec097e4d388b45acf79691a9b664ab7a18cd0f115ebc40dd2c3b057675cd0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 Aug 2022 13:04:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.160; 173.245.209.160; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
98b08366-e023-4683-b6d8-3f633b44c2b0
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/
59 B
396 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:50 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
405 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
655af67ebe93f6012d7326e7bdee1359cacba6e681f757dd56c54cd4bbf78569

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
405 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d7689a57b0416971095f20696868bcb7a23d9797bd19917709e794bc51058730

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
406 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c29926b9ad980ae58538fa8aa23b29a626379d648d4f31270af5fac26e724c15

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
472 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=ee10ac6f-26be-450b-b263-0e59be181fb1%3Bbce8c462-35e1-48c5-b665-99a07f5455aa%3B9fbaaaf1-21a3-48ad-ab0e-597545f9bfb7&l_pb_bid_id=638c40654af2273%3B643acbaa8484323%3B65be91ca1034bd2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.0746493530709662
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c4ad01d08f0011b7d553e918c6d359cdbe076e847d074adad1fe0f8c557333b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:49 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/
16 B
360 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 27 Aug 2022 13:04:49 GMT
cygnus
htlb.casalemedia.com/
37 B
635 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22707d44d3591035c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22770d015964a398f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22800783d8fde2454%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228127ed7e27f7c47%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e3c620ed-ebeb-4833-b8f8-a9c01aa548b1%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0054b3a920f40c3dce6071d17392be43591699d507882788f429bb8db7d3f570

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caTK9fXpYgzvjQIOjPnmAORGa4nhfXuAGAhX26cT6FDge4N%2F370HT1Jw3sksNIr2Kdt1yDSH%2FBVrWgwPFR1Q373ZBbRDYKcYzltK0WHaKb%2Fm22qsG%2FxVaoCKuJowm8EcIcx0NYhl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
741503de38035509-SYD
expires
0
cygnus
htlb.casalemedia.com/
37 B
314 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22707d44d3591035c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22800783d8fde2454%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%228127ed7e27f7c47%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e3c620ed-ebeb-4833-b8f8-a9c01aa548b1%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0054b3a920f40c3dce6071d17392be43591699d507882788f429bb8db7d3f570

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmDq8wBWIj%2F0BuD8QetbampNZW13nysB088nI%2BW5I0e24Sh0hRHHYq%2FDgm9fIh99atUkM68u2jZYN%2FhJkS2FEhlU%2BADetx7jDzqMlexUfbYaFZu%2Bt0rptSQy8cdm%2FKYboJnePS9i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
741503de38045509-SYD
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame B4E5
25 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a3091ebecde91deb56d669ff7133df84f03b3b03bc1865d79ea285931bd59c55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10887
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:49 GMT
expires
Sat, 27 Aug 2022 13:04:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:04:48 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 142A
379 B
315 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
f805a9e156dd05799e3f01a02726beb1830c39a30c85003581f4b4069d43e997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 142A
107 B
792 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 142A
107 B
196 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 9EED
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB
Document
General
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-100.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1789
content-length
673
content-type
text/html
date
Sat, 27 Aug 2022 12:35:01 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5222092a3a10e1d8270e47e821db1ef4.cloudfront.net (CloudFront)
x-amz-cf-id
lVo-srs9uQ2vu1EmM3S3MrwnVMXcp5rtxPfevYb2jLtDzLeBOavXSQ==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:49 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 116B
379 B
693 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
85e0d236edb3aa4832ad8f75bf295bcc6ece1e607b0d74707776eb12f8034ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 116B
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 116B
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame F953
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB
Document
General
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-100.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1789
content-length
673
content-type
text/html
date
Sat, 27 Aug 2022 12:35:01 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5222092a3a10e1d8270e47e821db1ef4.cloudfront.net (CloudFront)
x-amz-cf-id
4o4d4lcEto3nkvHf-6NttA-lzTvJNLNVp6jyAQ3DIqQOJaNz1dEH_A==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:49 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
209 B
663 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-108.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:05:40 GMT
via
1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
age
3550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
FLCNvnPGrpr9SZ4drz0OHZv-ZjruXQejYsJtTy5_IjMnv92G4coPsA==
log
aplogger.adpushup.com/
0
53 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI3NDgwNTZfMTY2MTYwNTQ4OTE3MSIsInVzZXJJZCI6IjE2NjE5M18xNjYxNjA1NDg5MTcxIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDE5MjA1XzE2NjE2MDU0ODkxNzIiLCJwYWdlUGF0aCI6IiUyRmElMkZmcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4teGlhLWx1LWppLXlvdS5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRmZyZXR0ZWNodW4teGlhLXhpLWxpZS1xaW4temhpLXNoYW5nLXlhbi14aWEtbHUtamkteW91Lmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoiZGVzY3JpcHRpb25QYWdlIiwiZXhwZXJpbWVudFBhZ2UiOnRydWUsInRpbWVzdGFtcCI6MTY2MTYwNTQ4OTE3Mn0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvZnJldHRlY2h1bi14aWEteGktbGllLXFpbi16aGktc2hhbmcteWFuLXhpYS1sdS1qaS15b3UuaHRtbA==.json
cdn.adpushup.com/42753/
555 B
818 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EvZnJldHRlY2h1bi14aWEteGktbGllLXFpbi16aGktc2hhbmcteWFuLXhpYS1sdS1qaS15b3UuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 27 Aug 2022 13:04:49 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=223
content-type
text/html
content-length
555
expires
Sat, 27 Aug 2022 14:04:49 GMT
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
109 B
118 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:04:49 GMT
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ Frame C332
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B4E5
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 12:54:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B4E5
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 12:55:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4E5
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B4E5
0
333 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CS8AccBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPABT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne53v856C7NXq4ITOr1ouFphwzBSx2dj2KYJwfaEYyf7o1kq9admx9gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjE2MjMxOTM1NzEzMDM4GAA&sigh=7JCXlENYp-U&uach_m=[UACH]&cid=CAQSGwCsnQUxnU5z-enDx7WZdxjB6ZfmwoZytQndjBgB&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Aug 2022 13:04:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:04:49 GMT
notify
rtb.sg1.as.criteo.com/google/auction/ Frame B4E5
0
126 B
Image
General
Full URL
https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=ke7RDcr6RJAD-gFi-C0SAgAAAOoeEzCFSzSxX721iRBwFgpj_R8FMZ2BLVuLpEIAEgAA&wp=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.141 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
server
Kestrel
server-processing-duration-in-ticks
183584
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 58AE
119 KB
42 KB
Document
General
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
54c1ea9ca5901b92a1ab310900602091458061c2773de65f9001907efe7f54c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=dZjtK7Ib8hXXdcL1mK2TopMEygLTHCy6mXZDwc0IYCsztS1G1GBNg6q-OTgZwNNVmV8bx4pyBwKea3Sak9jnnp3gKBcxc7-S2FGUIjRMarV7VAp0s_Iv-56GROoHNt9pupdrSfpHEIULCRCAKHexBwe8BHloO9IYvtGksZj81eLPURmVSSglFhXR-phf_YUGsp1PoSseaulxqcpt-azOqEwltLuJqYiiPS1RSn0aREkNq1pJJ0b7qNaZLlJtp7AKyYt0IQq1ySgjmfuT"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
41358514
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ Frame 923D
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
pixel
pxl.qccerttest.com/
35 B
550 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel?r=1644262936;fpan=1;fpa=P0-1406094425-1661605489412;pbc=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1661605489411;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 17:11:41 GMT
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
71589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
nDAyWNgXPXmVevnur5aDdKR1gykb4sUk_-dk22KQ3YcPNHOkZiTUZA==
pixel;r=758848570;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=758848570;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1406094425-1661605489412;pbc=e3c620ed-ebeb-4833-b8f8-a9c01aa548b1;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661605489414;tzo=0;ogl=;ses=9031a54a-6ad5-495e-9451-ea59c141b9f8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
js
www.googletagmanager.com/gtag/
202 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f7555cb46baf7c93d1b7947f5ce8ac2c61e67a5b201ebd720befde8ffd6fc47c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73103
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:04:50 GMT
log
aplogger.adpushup.com/
0
54 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9mcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4teGlhLWx1LWppLXlvdS5odG1sIiwidGltZSI6MTY2MTYwNTQ4OTYxN30=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
server
nginx/1.14.0 (Ubuntu)
truncated
/ Frame B4E5
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97c27ca9d701c1bc25d74a3891f924013a985448df21029e41e484d1642032c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 58AE
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:04:50 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 58AE
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:04:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 58AE
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 22 Aug 2023 13:04:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 58AE
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 22 Aug 2023 13:04:50 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 58AE
43 B
348 B
Image
General
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=GDV5OGoB_tYnlOFMGM0PjNG7s2AnHB_ueKl2LSwHAEVc-EmmsrAO011wS6DZ3Dh5CvuQ1F74ZWO747TyJMol8KeZ6UAuBSqkcXdZsBmFfvbz-Yit5rx41pNgUFxT1yXXN1eB-nOqhQ2a6ZuBBEZIi31K73z5V_AnpccgXr7jnsKG0eeFYUKrooae-RzPkn994QmuNeKpXNnoE4PPqr8mMPOU3fKK9Oy-VGUwI2_rgOZiU2bylN3y4aLRSOfw1h3WzSlrifGUpQ8rqhZO13VgqBVZ_O5h4DSa10dANKJlobyvID66I9rePO-ah49qEsuxlhlcYlRfL8ZKpgyIz8cTYeczgcmeNx5N8Hqhq4qfSu8hPybEclgpMCWLTBnVjR0lDXOzVhh0pRGrxjntUonsvWfd8JwGnfOT8MKeXp81Hr9hn6rt
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:50 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1946891
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 58AE
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3257271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BxxYMrhZZRAjasX0yzQgbd%2F68gumqqAjxsb%2FaiJEJX%2Bw7B2yHS%2FCWR9ZrDr8badQDdBvR2pL0FrR0P4HXaVTKFb0vtSvoHJwmyMGagXXTkjvYGu90ZqtOv%2FPHJytwvxV%2BmoN9%2FW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
741503e94c63aacc-SYD
expires
Thu, 17 Aug 2023 13:04:50 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F953
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e7a634c391e048608f5b2ff3d634b0353e516bd3f627cb84c03c45729631c9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40219
x-xss-protection
0
server
cafe
etag
12335977665199810290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:50 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9EED
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
4b1cd67cf729be0ce796042faf438acea34dcbcf8fc36379614abc4416ab243a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40295
x-xss-protection
0
server
cafe
etag
6982315076632768528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:50 GMT
integrator.js
adservice.google.com.au/adsid/ Frame C332
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C332
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C332
492 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2783791770466577&correlator=3910788819710278&eid=44761477%2C31064019%2C31068920&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661605490083&lmt=1644386353&dlt=1661605487785&idt=2279&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=p6sjpwf6wv4p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1827216614.1661605490&ga_sid=1661605490&ga_hid=480279505&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
bb6c8503e3a93e9a64147ebf3438ed7981d4309f92c25611fe9b029d9fa044cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA68
6 KB
4 KB
Document
General
Full URL
https://934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:50 GMT
expires
Sun, 27 Aug 2023 13:04:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame 58AE
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:04:50 GMT
img
pix.as.criteo.net/img/ Frame 58AE
17 KB
18 KB
Image
General
Full URL
https://pix.as.criteo.net/img/img?h=496&m=0&partner=72012&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F72012%2F200720%2Fd723814b8d194f238eccb2ea8a2c8c0d_logo_n_vertical.png&v=3&w=196&s=BiqHgC5wjf4BW2H6bJJcqieR
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e8d8bfd98539e33026741ab2c3c67de7d218f6bfe4ac2b2d5a76270e4a045f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28728565
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
17909
expires
Wed, 26 Jul 2023 01:14:16 GMT
img
pix.as.criteo.net/img/ Frame 58AE
151 KB
151 KB
Image
General
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=72012&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F72012%2F220111%2Fe0667fb3f7054c05ae123f64ab9a665e_img_vertical_1.jpg&v=3&w=1200&s=hcJMXAFQCKcuSus98x8vzN6e
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
afb64c0ac0ff75a8ede1c6c9d9cd7065b3bbf7f98b7bc25ab4079aa04354414f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28245826
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
154694
expires
Thu, 20 Jul 2023 11:08:36 GMT
img
pix.as.criteo.net/img/ Frame 58AE
38 KB
39 KB
Image
General
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72012&q=80&r=0&u=https%3A%2F%2Fchefgood.com.au%2Fwp-content%2Fuploads%2F2022%2F08%2FGoogle-Shopping_meal-plans_052022_600px_EW_V3_new.jpg&v=3&w=400&s=5a5hROB8GpisQBcGEgcyePEo&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0c58544061d214763994239abcbcdcce90e8701e1d8ae99677d1d5b004f84083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
39272
expires
Sat, 27 Aug 2022 13:04:50 GMT
all
csm.as.criteo.net/ Frame 58AE
0
128 B
Ping
General
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=dZjtK7Ib8hXXdcL1mK2TopMEygLTHCy6mXZDwc0IYCsztS1G1GBNg6q-OTgZwNNVmV8bx4pyBwKea3Sak9jnnp3gKBcxc7-S2FGUIjRMarV7VAp0s_Iv-56GROoHNt9pupdrSfpHEIULCRCAKHexBwe8BHloO9IYvtGksZj81eLPURmVSSglFhXR-phf_YUGsp1PoSseaulxqcpt-azOqEwltLuJqYiiPS1RSn0aREkNq1pJJ0b7qNaZLlJtp7AKyYt0IQq1ySgjmfuT&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 58AE
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:04:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 58AE
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YwoWcAAKqPAA-RLPAA8JzqGeRNFKwB_3AxLQew&u=%7C62LXOQ8QDfvraawMFkaOHnclXAaKBu2LfKl1EdWHNYo%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b_uSKJsWIPbbImC7Q9fUg2s2yqb7MYnZ-dzhRI3zuZr5XIe4bsI2RcXR3NW0VGjOE63G-4wDACaKw-ELde7To1cwfAUITppHjAYKjFL5eKw8_iJPnrNpMIw3p_2WSMG_7JQ6vKhOA6740oUKItBCr7TvwDFlfz267JxIQI42Q98vULCfqgY-gJlvifVNvP5s6qQ9MxSmjM7R45ezJnGR-yfX44w0SSHnvo4aCDIbJLSZlUqFdhgm2alL56QNIVCHhOXOLD9f0y7pPJUmYuFh4T-Is1dEihn3XyCuIyM6r6-vJi6-UPuV2_4hfOuiXrVV3BCqppBq0IG3uK6-s3BsIgWGMFbM25Xe979FaqwFw2qymH1F8g5lllDjfNJEsUC-xkfTL1eLZutaP8UrcOCfg5lHDrsCDbcsWqTHhzcRcDVgjrCJ8dEKbvni5vEJhfJmvYkVr_HKrECincYuA51Tak3dBkgbrtu8sdcEtzX1eeUQtyBB2AYlV06GzkBVaIBpnmiBo2sGCFB4LTyZVf9BCrNTdON-XQEyeAE-mZaA0RtUZUbp3YLTIQe8vmN8zyT7M-nlIYh85hpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWZcUcBYKY_DRKs-l5LcPzpO8yASY_NGxXMrx7aDBAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4oAG22aPQA8gBCakCuZhMXIAkpz6oAwGqBPMBT9DZSbgbuP8SpCrdGU1saPKyI995CATuY6FZhhDlCZhYn7Y0ie23AQVn2LFUR645Twe6GAo3OXZ76qPNH3xIiRlenL4njO4IlNw1O91Hpnv3qjFf5M_TnBT0J5j8U_QtzHmq0V4A2enyQ0J9cQleEmt4gaSPW-SfIgWSvj2InSQaLl9S6x2rsYr_GrMmKWOZHQUnvTDgfBYsSe8XM6402V5uUyeWhO5UpaSFehv7XqRVRpABNfjaCJFsG43ItuFeJs-kz9M7tQne5zn-xjJe-_PG3rraSGDTPN8aESbhfBOSiBTsPtz7waQZikix5xKCdQt6gAbAl8LrtqT9-V2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2NiDy0EWMA8pZ_N_8jlVoCUgAtow%26client%3Dca-pub-3216231935713038%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:04:50 GMT
css
fonts.googleapis.com/ Frame 58AE
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
76c183c04077fce70fc2db1992cb7c178c323d5a9ba54300fa3d773b50e2a1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 13:04:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 13:04:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 13:04:50 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 923D
107 B
122 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 923D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 923D
492 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3292944035974725&correlator=3503422354505457&eid=31068457%2C31068928&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661605490207&lmt=1644386353&dlt=1661605487665&idt=2533&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=2dgfomk3hjiw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=873130510.1661605490&ga_sid=1661605490&ga_hid=1637128039&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
dfa30c002ae349bd9deea49bba12643d4f45ce804ec09a6ea72597094f26efa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0973
6 KB
4 KB
Document
General
Full URL
https://ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:50 GMT
expires
Sun, 27 Aug 2023 13:04:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/ Frame F953
342 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
085ea12022594c152e1b5494e17c136399352cef86fae9228e0ac91109c5670f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123349
x-xss-protection
0
server
cafe
etag
15413659375239815356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:50 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ Frame 9EED
343 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
df25595198d8e23e02a255be79b6a61b60fab15b874df949ba894c9997f1fdab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123233
x-xss-protection
0
server
cafe
etag
13371270981885373379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:50 GMT
collect
www.google-analytics.com/g/
0
106 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8o0&_p=9983&cid=1212040557.1661605490&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661605490&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&dt=FRETTE%E6%98%A5%E5%A4%8F%E7%B3%BB%E5%88%97%E5%AF%A2%E7%B9%94%E3%80%80%E4%B8%8A%E6%BC%94%E5%A4%8F%E6%97%85%E7%B4%80%E9%81%8A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame F953
107 B
122 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F953
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E058
41 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a290667465aa84f46612254766040676178b0e3159da30729d1fe455c38ec05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
16049
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 9EED
107 B
122 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9EED
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
adx.holmesmind.com/adx-file/20220802/ Frame 0179
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
801 B
1 KB
Document
General
Full URL
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-100.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
801
content-type
text/html
date
Sat, 27 Aug 2022 13:04:51 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Tue, 02 Aug 2022 04:48:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5222092a3a10e1d8270e47e821db1ef4.cloudfront.net (CloudFront)
x-amz-cf-id
X78rU5EXUTJj5cLO-RJYO03xMxGI65nc0V5by_SjK1NhBLjQYQrHNw==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
KbMM.b5nTQFCq_iVT2XQPFDqHmRW1hjS
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:50 GMT
location
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C332
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
c8312a2de149eff593e775bde3266115e41d074a592cf91a2b0f636a0c293ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11120
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 58AE
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 06:53:48 GMT
x-content-type-options
nosniff
age
195063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 06:53:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 58AE
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 15:07:19 GMT
x-content-type-options
nosniff
age
338252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 15:07:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 58AE
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRoboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 01:49:40 GMT
x-content-type-options
nosniff
age
472511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 01:49:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 923D
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
8b37c9eae1b2195454bbe1e66949dbb6e685610435bae8d8f5c0ffc4a057f643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11178
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
108 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474097251140089&correlator=551566025315867&eid=31068827%2C31069102%2C44742767%2C21065725%2C31068920&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D8242f25465032c%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D832ea483de64c94%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84bb4f65ae33086%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D385c6467c989c131-22c64327cdd500a9%3AT%3D1661605489%3ART%3D1661605489%3AS%3DALNI_MZbJbwtjgDR0SPK7lXcVCV9m-Zsyw&gpic=UID%3D00000921b21e0a69%3AT%3D1661605489%3ART%3D1661605489%3AS%3DALNI_MZWy2XmVIb8LH6Oam0Pug0_O4MZ5A&arp=1&abxe=1&dt=1661605491077&lmt=1661605491&dlt=1661605484918&idt=4996&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1212040557.1661605490&ga_sid=1661605491&ga_hid=9983&ga_fc=true&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
548d272b46050f15d85562546e94c5488be5789930c34b019be8e553aa9c995d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
google-lineitem-id
-1,-1,5859721654
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138375334524
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA1F
6 KB
3 KB
Document
General
Full URL
https://662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:51 GMT
expires
Sun, 27 Aug 2023 13:04:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:04:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0179
166 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
0eca7e79db55f3157420b914bf536d0a110490409d178d41159bfa242b486ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57385
x-xss-protection
0
server
cafe
etag
5459326668640550808
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C332
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D953
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C03fNchYKY7aiL9eR_tMPyuOR-AGs1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoE1QFP0OvX8AZyXsRgG2CachGk7697zLD9SOc-7I6WS1UkR9uVSi9WsMMHjWGGirG6g1ISvAemOt8c74C7qg6b-CC88q_XtrbhhTRhGBAxxWbNizWtPWU5jtQ6uC_tHin2rgyIoMA5ZWbr56iiZXjxsv4ChMkjknIRGecSb_OhkSWSLiNwuxrkJXjsLxR0W4pCPexASekHUoA7Rd3CilmiCTW5wpKmgT2A9REt7WVbTf_eyFdM-c26MC8z8_-LCFLNjFnleFIDE2WNxmW19-4JkchtNxAAi6GABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=AFfvNZXi0Dw&uach_m=[UACH]&cid=CAQSKQCsnQUxj9rI2Wv6GHZAjUXFG6Fqu_O6WaFHbtmJ9N6wKAg0WlEnQr2zGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Aug 2022 13:04:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame D953
35 B
0
Fetch
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.6502737E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=1ddbd3b1b35b4676b8bda238db3e0c75&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-766cd78bb4-tvmrr.SG&ogbdp=0.02&prvReqId=33577055852666_1422833886_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1661605490929&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:51 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 27 Aug 2022 13:04:51 GMT
log
qsearch-a.akamaihd.net/ Frame D953
35 B
0
Fetch
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=6.0&adtyp=0&req_id=YwoWcgAMh7QKp4LGNQimUg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1661605490929&cc=AU&strg=no_strategy&ss=&current_hour=12&time_stamp=2022-08-27+13%3A04%3A50&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=1ddbd3b1b35b4676b8bda238db3e0c75&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2666730&dmm_m1=2022-08-27+13%3A04%3A50.931702874&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-766cd78bb4-tvmrr.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:51 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 27 Aug 2022 13:04:51 GMT
nmedianet.js
contextual.media.net/ Frame D953
164 KB
56 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ac75a3a92e9c575d688506eb5ae2ea99b56978554ec7f869fd3c07c07975b946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
21-3m3f
content-encoding
gzip
server
Apache
etag
"9e3d4bbd1ce9628c5827b3318695e85e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 27 Aug 2022 13:04:52 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-33
expires
Sat, 27 Aug 2022 13:09:52 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame D953
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 27 Aug 2022 13:04:51 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=15019
access-control-allow-credentials
true
content-length
62892
expires
Sat, 27 Aug 2022 17:15:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D953
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 12:54:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D953
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 12:55:50 GMT
l
www.google.com/ads/measurement/ Frame D953
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtsqD-m7e93K46KFVXAtD1gP51NOJjeBJoYL2YNNXxLDyznrMxZzCjxk3gdWuk6bF-yJ2JTLpeE_8QpKunWqLs8L2JhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D953
135 KB
0
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 923D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:51 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:04:51 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ Frame 0179
343 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9b3eae4292163b775684350c0ecd69b5c054a27a11b702736c54068d07541c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123438
x-xss-protection
0
server
cafe
etag
1555267966076252342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 13:04:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame D227
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
72753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 16:52:18 GMT
etag
8616628553774171045
expires
Fri, 09 Sep 2022 16:52:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame AD8B
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 23:44:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 25 Aug 2023 23:44:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame AD8B
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
454902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 06:43:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 06:43:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame AD8B
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 15:35:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 15:35:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame AD8B
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 15:35:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 15:35:12 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame AD8B
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
427477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 14:20:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 14:20:15 GMT
truncated
/ Frame AD8B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9d0eba257f42eb63ae63882963492f2810f431e7f9fba85de1eef04a90cad49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1998408711410610149
tpc.googlesyndication.com/simgad/ Frame AD8B
21 KB
21 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1998408711410610149?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmVTP4hwSF_7HEa3HLoxY6I1NellQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
c453de61916f32a1ea1d3962ed9f59c1b3b0e0ffa3f05fa1781d3cb07fecc44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:06:34 GMT
x-content-type-options
nosniff
age
3497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21029
x-xss-protection
0
last-modified
Thu, 26 May 2022 04:59:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Aug 2023 12:06:34 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AD8B
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 21:46:23 GMT
x-content-type-options
nosniff
server
cafe
age
55108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 27 Aug 2022 21:46:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AD8B
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 10:24:56 GMT
x-content-type-options
nosniff
server
cafe
age
9595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 28 Aug 2022 10:24:56 GMT
l
www.google.com/ads/measurement/ Frame AD8B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqtSnOwQDoguu4tJ5m55dhiqHf0pjylUPlS8mUaM1EIe92JyQfdwUYCG7tagCh7sTddDuuMHf7qLlyWxRozh-14lI2Kg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame AD8B
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWWxpcxYKY4WrDo3GmsMPq6aNiAergv_ca4qFzquLEKyTxti0CRABILqEwDNgpYCAgJABoAGGsY7KA8gBAqkCuZhMXIAkpz7gAgCoAwHIAwiqBJ0CT9DOX--UmgnAAmV3g7EASSgPdewRBIoCCEHUs9N4DLNVqEVl3ChzVk7OMP9z7tzGptmi0-UG9lgOPQCak246ugu26AkZe05h77KMIP-B6hrATe3ELUq9mLp_WZEdoVSWJDx442XSL0U3DwLJLomrTQ37PbWjtK0yA-wSJVfg6cU9Jbg_WrjSBQE8lXCsRSFs4XBzhC58slk-AjnadgLa72192ZHDalRidwtL1Et6kDFwvAi0iwhRrYcucT1aBkxwWRszzopixa-xEga0RrD7yIqC8R2eYTgi1-aV9ikioaFhDfIxAm37mdhrTkKMsDYBReGvTZpAlnEZo6CbUNUOisJyX7GL8LsOrAHViL0hNvzfbaN0Al7xd1Bu-uD5wATh9uiIiQTgBAGgBgKAB77G5EKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD5ggnSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=r6OqRZ-Pm80&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 7765
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 23:44:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 25 Aug 2023 23:44:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7765
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
454902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 06:43:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 06:43:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7765
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 15:35:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 15:35:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7765
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 15:35:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 15:35:12 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 7765
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
427477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 14:20:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 14:20:15 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7765
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 21:46:23 GMT
x-content-type-options
nosniff
server
cafe
age
55108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 27 Aug 2022 21:46:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7765
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 10:24:56 GMT
x-content-type-options
nosniff
server
cafe
age
9595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 28 Aug 2022 10:24:56 GMT
truncated
/ Frame 7765
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
112440d87c2f699e23fd61a0e6a408cd84ae1a5ed31350afb0b2a7e27a626e04

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B136
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRW-rSYc8kTIqDcIe1qHbRpMrsCh-RjnlYH_uN7-ux7A50c0sLGicS7H5mbM-6nRCOJsOobFZB3B8IjkfhT6mWT4LI3c3u9Qqofr_72Rvf_P3g_X8c_vu0sKpNSz6hTaJIRhoPqv-z-5s5M7aEuwWq5DenjiPZWROT6nsfs0muVvgd-2ilQ3tEki8D0OJwNidZ94j3c4llTrrV4HG5-ZZBaULQ228Oh4v2grZybaKKJvOMeNfwYwyKe_JGYu4Fs3XqPJLuwqhpWZ5ZRAS6rB8TczgFGBjOlN4gkXklp6mthaoXLahwiM4BJQ&sai=AMfl-YTbFOV3sHpXrSwGo8QL3WzL9HUU5TOpYLtMSHVi9pH3GvxvYHZVAmYhCX6ye25vmGispwhQ0RImb3hdm0CyFumCc9D2tdw5hK0Xqgegyt_AgQE395DM72qUpem0nQ&sig=Cg0ArKJSzOM7e656n_qKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
nmedianet.js
contextual.media.net/ Frame B136
138 KB
47 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc4764cec9d43cd7e2fc41759b4fcca5dd0e466d6b772d9d5269e93f8f229cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
21-3m3f
content-encoding
gzip
server
Apache
etag
"35ab28569fcbef2ac7247972f97b509a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 27 Aug 2022 13:04:52 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-12
expires
Sat, 27 Aug 2022 13:09:52 GMT
log
qsearch-a.akamaihd.net/ Frame B136
35 B
329 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=prod&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=22132338&other_prv=4&jar_err=&current_day=6.0&adtyp=0&req_id=1313286209839659035&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=120x600&url_l1=a&f_seg=&url_l2=frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&prdp=0.0100&ogcbdp=0.0100&dfpbd=0.0100&server=1&ogerpm_wd_bkt=0-1&viewability=0.7900&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html%2F&bidrestime=1661605488816&cc=AU&strg=no_strategy&ss=&current_hour=12&time_stamp=2022-08-27+13%3A04%3A48&rvshhon=&bdp=0.0100&ct=Beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=west_la&splid=22132338&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=90cf79fb388642a2bf17d320ccedbb0f&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=6&visibility=0&totalTime=6428306&dmm_m1=2022-08-27+13%3A04%3A48.838464449&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU2CV286&bcrid=352177074&rawbid=0.0100&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-77ffd8d77f-g4slh.LA&dfp_bucket=0.0&adblk=&itype=appnexus_experiment&pvid_seat=4_BID_API&cliIP=2918568352&advurl=related.360topics.com%2F&crid=752115612&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.01
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:52 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 27 Aug 2022 13:04:52 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame B136
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 27 Aug 2022 13:04:52 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=15018
access-control-allow-credentials
true
content-length
62892
expires
Sat, 27 Aug 2022 17:15:10 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame B136
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sun, 27 Aug 2023 13:04:53 GMT
it
lax1-ib.adnxs.com/ Frame B136
0
819 B
Image
General
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&e=wqT_3QKGBeiGAgAAAwDWAAUBCPCsqJgGEJHjiPirvJX6GxgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8GmYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAk9odHRwczovL3d3dy5iZzMuY28vYS9mcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4tAR30KgFsdS1qaS15b3UuaHRtbIADAIgDAZADAJgDF6ADAaoDQRIYMTMxMzI4NjIwOTgzOTY1OTAzNV9zYmlkGhMyMDE0MzI5MzY1Njk3MDE2MjA5IgkzNTIxNzcwNzQqBU0xMTczwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNjCoBACyBA8IABAEGHgg2AQoATAAOAK4BADABADIBADaBAIIAeAEAfAEspf3pwGIBQGYBQCgBZvwpc-Y2-6cEsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab54wLaBhYKEAAAAAAAABE9aAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaPCAAMAA4iAFAAMgHANIHDQkROAE2CNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=963088324e0f28ef8251589479f3b61381be750e
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:52 GMT
X-Proxy-Origin
173.245.209.160; 173.245.209.160; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ef17cf1a-c469-4fd3-a89d-631c6c1a31dc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B136
92 KB
0
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:54 GMT
14404824857278510352
tpc.googlesyndication.com/daca_images/simgad/ Frame 7765
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14404824857278510352
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
7a8e969e32d42428484be3c622fb81717c6a213ec2db7fb068c46614bb8c6115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 00:50:16 GMT
x-content-type-options
nosniff
age
130475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36764
x-xss-protection
0
last-modified
Thu, 26 May 2022 05:01:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Aug 2023 00:50:16 GMT
l
www.google.com/ads/measurement/ Frame 7765
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgSu3eDZHTFUzgdW3wYBdfumR8baxWYD67gC33bgs3zd2At9rT23OdOdxRZU5ktPB5urQ60vhALOgffeuzwQX-6pVpgg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 7765
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ9KKcxYKY4arDo3GmsMPq6aNiAergv_ca-HnwuqDEKyTxti0CRABILqEwDNgpYCAgJABoAGGsY7KA8gBAqkCuZhMXIAkpz7gAgCoAwHIAwiqBJ8CT9BbrMNtGUeThqPGPcGbO4kOvDQgchfbJ-qvmWRHbFFF1KuXk_AMLHCseMlznmofOiX959g4XU8qH3JbcgkrxfNZGzw13aER6SZUartWiFiaqiJse6IegO7kmMnzxKcSZrZrXQ7reG62WsrODoUuqS6AXp23qPa6OJC-ZkldMW_QsVD7mnCmoqzw4veFyRyYInPb1xnbYzSVhHSzNJjfpL8VRFf0dTU6rw0kYZMhbDf8t2FIaNBKO4ZNxsEPEI2wIBFinUI-PnW_iOe3MYX5SwVi6buRnDKPYs9mlgy911UfKO-EuihIzFJFSiCwSkj8qSlrNAIv7q2c9eqZHyXjDOFZyGzR-5rJgzGjPNVJlTiQ4-i1TfL3a2rk1JzBVdHABPH06IiJBOAEAaAGAoAHvsbkQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENnmCtIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=_8uHemsPmyw&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4teGlhLWx1LWppLXlvdS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtNDZmODk2NTAtZWQ1My00OWIwLTkwZTEtNWI5Y2Q1YWY1OTFiIiwiYmlkcyI6W3siYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDAwODA3NSwicmVzcG9uc2VUaW1lIjo5OTAsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6ImFwcG5leHVzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMDgwNzUsIndpbm5lckFkVW5pdElkIjoiODRiYjRmNjVhZTMzMDg2IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMTIweDYwMCIsInByZWJpZEF1Y3Rpb25JZCI6ImFkZDM1YTI1LTQ0NTYtNGE3Ni05OWM3LTY1ZTg2NmQ0YzczMyIsImhlYWRlckJpZGRpbmdUeXBlIjoxfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:52 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.com.au/adsid/ Frame 0179
107 B
122 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0179
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D7FD
603 B
66 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491651&bpp=3&bdt=465&idt=295&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=1605525451437&frm=8&ife=1&pv=2&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ynnhoub56t0m&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F7C
603 B
66 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491654&bpp=2&bdt=468&idt=332&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1605525451437&frm=8&ife=1&pv=1&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b8wzoz5z7vhe&fsb=1&dtd=337
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F47
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
30344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 04:39:08 GMT
expires
Sun, 27 Aug 2023 04:39:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CB6D
783 B
738 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
1f858d8299192b5ca34af0690afa23f1dac2beece41926a34f1709bfbc4ef37a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MlEhV4SOyt9W5C6l0StzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-MlEhV4SOyt9W5C6l0StzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:52 GMT
expires
Sat, 27 Aug 2022 13:04:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEDD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
30344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 04:39:08 GMT
expires
Sun, 27 Aug 2023 04:39:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C6BD
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
4242b94ce98cb9817eadddce9155e017482314faeca6213ba2e8c7bbdd2ed0c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2JbnpUVWLSxIg3Acljo44g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-2JbnpUVWLSxIg3Acljo44g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:52 GMT
expires
Sat, 27 Aug 2022 13:04:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0179
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
1357c86a4e45e3952db994d4675927cb7b2f86c24b79d06df1e6b569e59c3d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11151
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9EED
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
15446508429de64433a71df2c087fe46a64ce0acaae7cc3fea16863f87533fbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11032
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 142A
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
4bb41cfdf507ba614e8f2a51a78f3dd68f519196db9d9cb052167ce3463f4316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11011
x-xss-protection
0
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 4F47
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
341554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 14:12:18 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame DEDD
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
341554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 14:12:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AD8B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 27 Aug 2022 13:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0179
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_fy2021.js?bust=31069172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9EED
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7765
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 27 Aug 2022 13:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 142A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_fy2021.js?bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 13:04:52 GMT
generate_204
tpc.googlesyndication.com/ Frame DEDD
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?gSYatQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4F47
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?2IwCqw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C6BD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=2783791770466577&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame CB6D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=3292944035974725&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5896
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
30344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 04:39:08 GMT
expires
Sun, 27 Aug 2023 04:39:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2C57
783 B
762 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
c643d21f6601f5e7342c02e57504609a3d55fad8bc167f5b09e9b0b9400bab2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1IcwalzMZvMXwDJOYXKj9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-1IcwalzMZvMXwDJOYXKj9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
Sat, 27 Aug 2022 13:04:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07AC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
30344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 04:39:08 GMT
expires
Sun, 27 Aug 2023 04:39:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E2B8
783 B
737 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
f219e67bb11c9a8f7b89e0e4913886e5a272afd176bdf1eebe4ca1a84a9e16ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CZmXjuHbLolwq-jp87Qg8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-CZmXjuHbLolwq-jp87Qg8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
Sat, 27 Aug 2022 13:04:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smtr
contextual.media.net/ Frame D953
89 KB
33 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&kwrf=https%3A%2F%2Fadx.holmesmind.com&nse=5&vi=1661605492860920198&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44B4e4eae&bcpf=B44B4e48fOnRrolnfOur8eae&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p12015441210t202208271304&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18a6fc4b79a6db4fba28c841d4268c65e3a1a501d89424a02af57419e23ca280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 27 Aug 2022 13:04:53 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-n52f
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33517
x-sc-w
22-b2fq
bping.php
lg3.media.net/ Frame D953
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=557&&vgd_cdv=784&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1661605492860920198&ugd=4&lf=6&kwrf=https%3A%2F%2Fadx.holmesmind.com&cc=AU&sc=NSW&lper=100&wsip=2886994110&r=1661605492675&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1661605491135886126&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p12015441210t202208271304&vgd_pgids=1&vgd_uspa=0&hvsid=00001661605492671029185683526066&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 27 Aug 2022 13:04:52 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=46672
content-length
15
checksync.php
contextual.media.net/ Frame C65B
26 KB
10 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a23f3ab75520683eca1f3dd55eabd046fa3eb1757df256d7e6fc8a7c5ca2ce28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 27 Aug 2022 13:04:52 GMT
expires
Mon, 29 Aug 2022 13:04:52 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame D953
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4696&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YwoWcgAMh7QKp4LGNQimUg&s_city=dallesport&ugd=4&bcat%3C%3E=1000037%23%2310539%23%231000036%23%231000004%23%2313612%23%2313740%23%2310445%23%2310031%23%2313423%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2311321%23%2310106%23%2310366%23%2313566&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.6502737E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=ba20ae08&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=9.0&adj0=0.0&tmax=300&s_ip=74.125.186.2&adj2=0.0&adj1=0.0&feedback_id=YwoWcgAMh7QKp4LGNQimUg&adtypes=0&mx_aabpc=0&reqid=YwoWcgAMh7QKp4LGNQimUg&sc=AU-NSW&sd=1&mowxReqId=1ddbd3b1b35b4676b8bda238db3e0c75_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1661605490929&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-35-18&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=1ddbd3b1b35b4676b8bda238db3e0c75&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEAI7obbsqEZwuCbocTBqXvc&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1661606091183&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=255&ltime=18.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=33577055852666_1422833886_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&rtttime=23&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-65f85dbfc8-tzhnl&currsrc_date=2022-08-26+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-27+13%3A04%3A50&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET6C1IBN216QtTNBUsskj6c71DTSwiejPOrAmTiz6_77aywHyZjRi-CVVJv-y6t3mdw8&dmm_ogerpm=false&csip=rtb-common-istio-766cd78bb4-tvmrr.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D652~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082705~iurl_b%3D51948.05~url_tkc%3D1~std%3D~last%3D~vis_url_b%3D0.15~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D96%2C104~et%3D8~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082706~vis_b%3D103.37~url_b%3D0.02~url_tvi%3D1246~smm_wr%3D36.9801~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3D1p~bm%3D1~smm_sd%3D2022082704~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw3QnoMVfUssVAP2~btd%3D242908646837467429331899543322577645832910099788082042002461662700194653515776593920~d2p_l%3D70~3pcf%3D1.57~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.97~vurl_b%3D0.11~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D9.81~vurl_l%3D50~CI%3D2727~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D8.86~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.37~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEAI7obbsqEZwuCbocTBqXvc%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.6502737E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1745&sf=0&cpr=0.6333565903288343
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 27 Aug 2022 13:04:52 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 27 Aug 2022 19:04:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1D20
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 07:30:44 GMT
etag
48472445140208031
expires
Sun, 28 Aug 2022 07:30:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D953
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e44bf64365025aa3e687241dfda1dee8a8e0e2a6586d5005fd666986923eead5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B64E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
30344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 04:39:08 GMT
expires
Sun, 27 Aug 2023 04:39:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 99DA
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
GSE /
Resource Hash
436258a61b89ee88ab203ef06fd731594564a0abc0c02dbdf48984f962911ee2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C7Ek8yBNQmxRIsxaZPSGlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-C7Ek8yBNQmxRIsxaZPSGlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
Sat, 27 Aug 2022 13:04:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 5896
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
341554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 14:12:18 GMT
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 07AC
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
341554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 14:12:18 GMT
smtr
contextual.media.net/ Frame B136
86 KB
28 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU4JWBS7&cpcd=7rRp17Jcr0dK_ZLqU2NgxQ%3D%3D&crid=781214713&size=120x600&cc=AU&chnm=NO_STRATEGY&pid=8POGBHUQ8&tpid=T213342&https=1&vif=1&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&nse=5&vi=1661605492230080506&lw=1&ugd=4&adt1=8CU2CV286&adt2=752115612&bcpf=8fOnRrolnfOur8B44B4e4eqq&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3Dh%2Ci2%7Ccsh%3D1&kttle=FRETTE%E6%98%A5%E5%A4%8F%E7%B3%BB%E5%88%97%E5%AF%A2%E7%B9%94%E3%80%80%E4%B8%8A%E6%BC%94%E5%A4%8F%E6%97%85%E7%B4%80%E9%81%8A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&katpre=1&katbid=-102&pgid=p1360947487t202208271304&goent=1&nb=1&cadomain=tzR-hLcl-L-HShN42-uufdV3aTJmADGXGdtTl7u2al8%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d0377b1685d345fd261f141bfae113c9e8135fc805c73a659d3a786f928512b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 27 Aug 2022 13:04:53 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-vdb2
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
28631
x-sc-w
22-14wz
bping.php
lg3.media.net/ Frame B136
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=583&&vgd_cdv=784&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&vi=1661605492230080506&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781043&r=1661605492897&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1661605491169804570&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_pgid=p1360947487t202208271304&vgd_pgids=1&vgd_uspa=0&hvsid=00001661605492894029185683527255&gdpr=0&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 27 Aug 2022 13:04:53 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=46671
content-length
15
checksync.php
contextual.media.net/ Frame C18C
26 KB
9 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b37bd059a2794987b85d962dab8732d3f4a9df0ef8ebf9767131949e1f2198d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9350
content-type
text/html; charset=UTF-8
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
Mon, 29 Aug 2022 13:04:53 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame B136
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4292&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=1313286209839659035&s_city=los+angeles&ugd=4&bcat%3C%3E=IAB14-1%23%23IAB7-39&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=d0280a84&scrid=352177074&itypeid=21&mx_SPRIG=0&viewability=79&renderer=0&be=0&rtime=24.0&adj0=0.0&tmax=150&s_ip=104.254.150.138&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=1313286209839659035&sc=NSW&mowxReqId=90cf79fb388642a2bf17d320ccedbb0f_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bidrestime=1661605488816&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CU4JWBS7-781214713-35-1&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=90cf79fb388642a2bf17d320ccedbb0f&actltime=47&act=headerBid&iframingState=0&mx_lr_seg_deal=1&dfpBd=0.01&sckfl=0&dmm_erpm=false&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=352177074&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&mx_sid=8CU4JWBS7&tgtval=pub-appnexus-exp&__expireat=1661606089091&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&dummy_vsid=false&cbdp=0.01&pvdTmax=104&ltime=30.0&epc=781214713&prvReqId=72252282246795_138604127_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=58&apTags%3C%3E=75&mx_PC=1&wsip=mowx-ff548b566-8r7bk&currsrc_date=2022-08-26+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-27+13%3A04%3A48&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=0&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.09&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-77ffd8d77f-g4slh.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=2014329365697016209&rme=adm&bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.01~vw_exc%3D0.79~smm_bid%3D0.01~vis_sd%3D654~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082706~iurl_b%3D5509.95~url_tkc%3D0~std%3D22132338~MP%3D.*tech.*~last%3D~vis_url_b%3D0.99~ip%3D3bw0X6~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D24~rc%3D1~rps_sd%3D2022082707~vis_b%3D997.99~url_b%3D0.18~url_tvi%3D0~smm_wr%3D43.1777~ecp_eer%3D9~url_l%3D40~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DB~bm%3D1.05~smm_sd%3D2022082704~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daDTzDjEaMKA4hA~btd%3D242893839924056638882556428602181621569999897251187488849696732796512682007669964800~d2p_l%3D50~3pcf%3D326.15~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.99~vurl_b%3D0.35~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D26.16~vurl_l%3D30~CI%3D2727~nts%3D1~MP2%3D.*tech.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.85~PF%3D0~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.51~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.79016%7Ecbdp%3D0.010%7Edmm%3Dno_strategy%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dno_strategy%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&utime=4058&sf=0&cpr=0.2625703094358358
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 27 Aug 2022 13:04:53 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 27 Aug 2022 19:04:53 GMT
checksync.php
contextual.media.net/ Frame 9E21
26 KB
9 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
418697da4b44e32914ee7bd55cd76f4357482f63e5300f4933b376e783049721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9350
content-type
text/html; charset=UTF-8
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
Mon, 29 Aug 2022 13:04:53 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
lax1-ib.adnxs.com/ Frame B136
0
819 B
Script
General
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&e=wqT_3QLHBOhHAgAAAwDWAAUBCPCsqJgGEPTRssm7uqa7KhgAKjYJexSuR-F6lD8RYVRSJ6CJkD8ZAAAAgD0Ktz8hYQ0SACkRJBAxAAAAQAEtsDDy7MYKOP1cQOpcSOADULiX96cBWLm0igFgAGi1kbMBeACAAQGKAQNVU0SSAQEG8GmYAdgEoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACjepa6gJPaHR0cHM6Ly93d3cuYmczLmNvL2EvZnJldHRlY2h1bi14aWEteGktbGllLXFpbi16aGktc2hhbmcteWFuBR3whmx1LWppLXlvdS5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNjCoBACyBBAIABAEGNgFIPoBKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBCUYWIgFAZgFAKAFm_Clz5jb7pwSwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUA4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab54wLaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlAGAAgADAAOIgBQADIBwDSBw0VdQE2CNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=cec2b7ee818bb1f45108dc4c92eef97e1f4ed21f&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:53 GMT
X-Proxy-Origin
173.245.209.160; 173.245.209.160; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
38d5103e-6e52-4d9c-87ac-d66b0129eb51
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmEyNmJlMTYtZTIxYy00ZGRlLWE0YTYtYWYyZWQ0OWI1ZTcz&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=1&google_push=AehlK4BL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmEyNmJlMTYtZTIxYy00ZGRlLWE0YTYtYWYyZWQ0OWI1ZTcz&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=1&google_push=AehlK4BLyCZhdCMVfZVZrlm-J1HwTyUpMrBnIDFkzIxn1p4nZv1wANYkklAkKKUOLhXQjllPcKZNhLDuLqQgdgUYJCgwQbmuShh4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NmEyNmJlMTYtZTIxYy00ZGRlLWE0YTYtYWYyZWQ0OWI1ZTcz&google_gid=CAESELTVif6x3LnHwc4LnwZOfGE&google_cver=1&google_push=AehlK4BLyCZhdCMVfZVZrlm-J1HwTyUpMrBnIDFkzIxn1p4nZv1wANYkklAkKKUOLhXQjllPcKZNhLDuLqQgdgUYJCgwQbmuShh4
date
Sat, 27 Aug 2022 13:04:53 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA5C-L181hRvA-kUEm4WmiE&google_cver=1&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA5C-L181hRvA-kUEm4WmiE&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs&google_hm=bVduTXh6V0lXamNSY3JF...
170 B
189 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs&google_hm=bVduTXh6V0lXamNSY3JFejVueGs=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:54 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4ASncV9a8nZMJ_w1oFlCGp4uc4Ed-Eh367ZLan3Bt3UjtkIArpS7aRip-_L0XloGpkR4Y8C7VP_LphvB2uWqPNqjDCJWKrs&google_hm=bVduTXh6V0lXamNSY3JFejVueGs=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oqTH8GzVRRKN_6EpfIT3TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oqTH8GzVRRKN_6EpfIT3TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DnFUQk4wbtfgbFOOqD9jD2TROUyaGnkRtuHlEgagYjkUwZPCXM0JPju0CdqeYQujhSN9synLgJVbV_GsVEylxxEXMrql--
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oqTH8GzVRRKN_6EpfIT3TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DnFUQk4wbtfgbFOOqD9jD2TROUyaGnkRtuHlEgagYjkUwZPCXM0JPju0CdqeYQujhSN9synLgJVbV_GsVEylxxEXMrql--
date
Sat, 27 Aug 2022 13:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_hm=YwoWdcgTHpa4MY_Qthh88QAAA00AAAIB&google_nid=index&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_hm=YwoWdcgTHpa4MY_Qthh88QAAA00AAAIB&google_nid=index&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOSzLnS3EpFueXrr64xnMOduJvsnuxt9Ih9ZvQVoBseP5srGIaApf7gLEji8HL3Tbt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA7FBYbmmlxX4el9dFjhh35mqUCqNpOQWBMnGpdljMb3%2B4oRzrBk1gTogjrDfkiLvCXLWRQyYdHQZdzNqLkbMWRI11HJ22hz01M%2F8jwC4d6N%2FlDM0T9QRJCzmABCwxwy6NaH9CBbw5z7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYyvyaGOnNJEYhonsrHXeo&google_hm=YwoWdcgTHpa4MY_Qthh88QAAA00AAAIB&google_nid=index&google_push=AehlK4B5F_VPuAS-mCePJ_MyZN293d904GaOSzLnS3EpFueXrr64xnMOduJvsnuxt9Ih9ZvQVoBseP5srGIaApf7gLEji8HL3Tbt
cache-control
no-cache
cf-ray
741503fecd7c55b7-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEClu3fJO8H7AfnuJhEE5oB4&google_cver=1&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEClu3fJO8H7AfnuJhEE5oB4&google_cver=1&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c&google_hm=FN0wBGZHBZ1CRQpZSYWmhGjd
170 B
189 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c&google_hm=FN0wBGZHBZ1CRQpZSYWmhGjd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 27 Aug 2022 13:04:53 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C3548sitl5LygZOuUpAPMRFVtA3iAxG4Q8Xtq6PZM9MRfBIx3vhNmwv-AJxgARJ3fFoQ1oEo6rqjFrtBvrqKSRHK0Yrx2c&google_hm=FN0wBGZHBZ1CRQpZSYWmhGjd
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEBlEfmoRojelpEWjhS8yGno&google_cver=1&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJI39qiobCYyHRiMx3z4jyz7a6z1O4VhA6r5Dg&google_hm=y...
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJI39qiobCYyHRiMx3z4jyz7a6z1O4VhA6r5Dg&google_hm=yJx6PwuOQBakUFCLqYOWHaA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AehlK4DuJLdtCqpMcqKQS4e7EdiCtNGhkVXFjGwtESNhHsUxAIcTf0vqduGRhhwKyJI39qiobCYyHRiMx3z4jyz7a6z1O4VhA6r5Dg&google_hm=yJx6PwuOQBakUFCLqYOWHaA
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D20
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEO5aT6Pe2U1Fdld7kUIuFfw?ext-param=AehlK4DvMUZggNsLX4fAEE-8NAubUnUNLZ7k7Iv7wDApXu5wotM7YwqImivH_ZoCvX5X8SAHubXnLJCyybfaA5dSJFFzJbaB_zz9lg&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEO5aT6Pe2U1Fdld7kUIuFfw?redir-setuniq=1&ext-param=AehlK4DvMUZggNsLX4fAEE-8NAubUnUNLZ7k7Iv7wDApXu5wotM7YwqImivH_ZoCvX5X8SAHubXnLJCyybfaA5dSJFFzJbaB_zz9lg&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO5aT6Pe2U1Fdld7kUIuFfw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 1D20
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiuHM83ALLqxaod2DHjRo3xv3XXamZIOgj-q5RPzEpSuF-damtT3TRdwezyRenv9FqTbqoKfk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605490223&bpp=13&bdt=288&idt=340&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=5128949353106&frm=8&ife=1&pv=2&ga_vid=1225699553.1661605491&ga_sid=1661605491&ga_hid=764326721&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069151&oid=2&pvsid=2035389648816233&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8h18uca2tbtf&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame B64E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
341555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 14:12:18 GMT
cksync
cs.media.net/ Frame C65B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkyNjgzNTI2MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
45 B
446 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 27 Aug 2022 13:04:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame C65B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=66eb5718-c2c5-41f9-847a-03a744a00fbc
45 B
450 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=66eb5718-c2c5-41f9-847a-03a744a00fbc
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 27 Aug 2022 13:04:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=66eb5718-c2c5-41f9-847a-03a744a00fbc
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sodar
pagead2.googlesyndication.com/pagead/ Frame C332
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=2783791770466577&bg=!dHeldzPNAAYUOm8VNDo7ACkAdvg8Wv-YGuC8z15ydNhcjHll-QflOSXUZWPuz9fzw6d5YEvbLNF0BAIAAACmUgAAAAJoAQcKADbk47R96KpbX5w156e87IAPoiJeyTVJWiy9QdePCJMzmOa5EbYW0XShSmKOyhRytWYLxvDBlIGZArI-_PSBoxUILxdo2GHpWq3cbSUXi-_WFfEhg-g0QqstP6rNCn8LZsQkTxGkSIuZp5KnrjdYACTnJdbjri8AZfzy-eroMk5xe6i-7DGmmWqfMME5nFnzgEcd0QWEiCue0JPv3HleOuJXtuYeLjlsYjJ5VZgYsW8f0S-7amhIvY1h-ipv35G9bx89XqgyG3BE2648atvUIb_sPkBsz1VTJ-JW3Sr-nMLkC_VXgUTiYocuzFPeyy3MdsSS07fuMCMPp6okUFF3HwFpuqtJe6jh7DQ4po70ku9WWei94WpE4t7zIPXU_JZf2fDnsmAFzJRcD6vz5iHoZ_TaV7Z_KQX-oemjIOWxkdSekMq5xd2hA7YI1NPUhQOoYY5Gb-jhdvWUdH04C-G7KZoey73mFVJl_F58DAEox544xzIL28jKynFaYsspiCp15GGR7fpsOSlFDdy1scs7nSus5AxhWwhWYiWdl7gqRlmaVmN3BebY35Kt4Zh2KfrLaIi7BJyPUHFO9_33jDBqBm8OTsUjmOQYkK9reskhV0JNzdp-Ggvix6ojpZusr3tf3_fzbFzrJBW9aj9ReoqlaD79bmtjTRjjPC4R4ezPlMBL0_maJjf7WxFwjAOqRzhTIR0mxxJSATSuBolZHKObvYd_GytxctwDdzgxWDInBfOvHmKJEdDOIdZKcjqy0RzE-4kuT-ZkmnpSE_u4fCd-uGrrraFCV0ICldWn-XAn67EfJEK-DvMkSqRqP7MnUOEeSrUK4od1Ae0IJx4-jVVoeDAiooEK8Q8KauHU1TfEhKqtDGrWLJGIvGw36Y-u2TIZXH2f8ye4avrDLHZwJiG1rEP1tS6sxm-uI5d9BZx1pNMdDCxzKksMXs-x5DD_nzdoqlgQtwHLQE4iuqTuRm_Rduhbz-QR-vnTVVU-c8E
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 923D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=3292944035974725&bg=!mZqlmt7NAAYUOm8VNDo7ACkAdvg8WkGgJXfHDHPVplFpzgE_s-PwYnbtRGQuu7mI_bSG873Ba9cZ1wIAAACZUgAAAAFoAQcKAGR2hG50VVKhu1vr6y5cFYVqoxnDLHyYj8-9jjuay9ZHkZ7A7czVT5CxcV19ynnophmx2GVgrk4ebIvouMqF6iMfZrHAGlfbYDWKD1UMKbJeixUjWGb7kncrtLgpB-u20ObYGfW_mQLD5v4vBTzet9lwGmQcHCZW-SpmpaCjEn7mtiPQ11fOZ0rW6S32BQBZO_YPK0fdxkYxUbmKUls89apMTvEvBvWEJl6fGuACuz_iL2f1Kc7qvpCGRVlWGUWvO0uNw7WLFaz6EnLjNAk-B5eEVUh0E9aEWOX8jNktTEO7nbcvqz3tvjyMEkV2QfRGQit8HDG-xmDtxCSr-Cn2h2W5E7n_SRjL9uDruupGxXYim5xG-6L__D3E3nHgiMbTZkbQ7fdL0lM1RZaVBr4rXnKuAzhAE3EDxgrKLkhwej2a3aIZyVBnsOX4ebao_aoORZ-hmPwdvrliH0VOJ_Ypjv2pmjZ25yJsToeS5wzbQ4OYTP-bWpNCyG7Tz5RxR9KgJT4898j71nvMkPmqu8P1O3Qfi138OgQGYVt3bsvxv5AGIMp-YYJV2Ts5PNx-tmKCCXxMg_QV_AlivGB2F4mS3qlh5SlwT9Q3PhRYAvNPTGHjnezwB5ELbgVev96uT81LuWYjywDeLJJFm4OlVrP_S3YHdUr1CaUlv6aE4YnlSNWiRzvtbuzODGzH-trNswEuKS0YGubVEX4SLuw4zNrGkCY9LbJwoCme3X-I-4pubd4ird1uoneqiTyotNVkn2Grus4b9bCQDLAxDrIHg264vLIsrBYVuCaAyAh2aSdllkrLAbIaR-wUGUXraDBAlH6srCYbnXDckNJRyhu88YLJ76W-P6i_y6PXZv3hH7oMDkIW9pWQnmbY87BnycAu91fZx3_1-4lW8TFThlZsbhrCzeIZvEB9hWWVxGD_sT9hQpq224qvMtoNO-LefBqRMWz4rikI9v_TSckSirW9FXsGzDWhhXqW-hPKCBPGLeYrYmwxVo5qzXgvbnGnfbm4QDXxgzwkZdbl3pd0hE9bGh1bV57RGj-HQiGuRNlN45TVEoyvjMBqFLCZTiZM8MM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5896
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?PnF2nw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 07AC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?eltxqw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C57
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=2976872081566487&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 99DA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=2515766910733113&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame B64E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?grEWDg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 13:04:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E2B8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=1038135568532041&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame AD8B
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE50RJQ0-0BN1QVd7rV0yDR925xh09nvrvBgfMBWYxiKzo7woKdP9LXz_CXI93VtRRsqpxqwDCcoCG1H27zDxE2DPGKDJ-UMqkVoMJMU8u3rKKQu0WBqyNGC-cwOFNWwNfrpvyBxoPsP6_0-tOkKXLwoj6t_zWceWETwCoz8DiYCbq74PSPEip8dvxL7rZpnDASHfA4k4wrjKJRx0jM-zdGTuMApeK3jhpNvOhLdOSEI9rc8Z1fa2psdEx_uos9TK5UceCUlPpepLVpOygJhiyVUbSpN67t00tSkOC_XWjKwAoe_v_VZRbqcgCA7n1F0oy3z54YNtTccck_S_e089dWf-5Tj8HAQC4y5MZDxd1aNl6bJZCoF1Nuekr5-6ZzPh_nmmSS9cIn3y-MrGPMBUYRA44cDMwFoonEM_8BPTzfriN4WDYzZxfwzTipNTdS7Q4dpJTUXntpEe_SkZBmbFkkVFodHR5WzGAA-a9aT3eYRp6qZ62KTvCL9mD3FCrfBkEA1ahinDXD3_tvamqJ7al8m-v56R9clDfXgsT8o6REdx8K-qSoao2bjnihjdjW6wZ6RPkegY3be1FK0Qk5pdf1sM1N4a1983GH4PEeR3spZVvlTrb1ygcLRRVKHwpvhYDiZZsjgT5L_PtGzqfoLI5AiQn5fWTDEyCUXi6kMJVVe_fIiO4am2mMCQoM2_67yt_2LIHPx1NUMZmpKwY5YSCw6QFqmkRve05gwtsx9TzsLmQceYsl_hqx2n9hYno96JbL9ECFkYjCdD0vPDBqetURFoTvaKilbojGqy8z_pFhyCQuCG9wFcQte3vGS4eb7PeY39e8WiNZ9X-B4m-2ujgVjJOymMqtVk802RjOXvE4Xa1_CM_qHBbhBD8tdQMsM0SRqawHIf9iO2RxycD-3PTMc-u_t3y1Yhz-TcGE845y1mU6_PM2feIzMuHrK5p-7qU6SXbdI9o9es1lyEkgXVj2wby-6bIuSi_RXgRnkGvq4HjOIrdwJKuQso8esJ_U-Yt290bOtgd6FLv90DcdBaM3pKpUEaG0SqPun4RstZVfsy3iwRmKPNmMw0ylAJpX7D6xpphDVpG-850PfItlYADnXOtVnd93qU2iwiH1UABkt634luEyaSNul8LG01EDdsiUwf1xX_GE3tFwW_j8Ww36t4rJFk&sai=AMfl-YQ2t1zVaDx-rtCvoB1xxB9sASID3t4D4udqR7Ranq0__JQKmTUGl6pgcvlxAW7SmUzTpzolLMYwugBXiQJy-B56h2eC7mG58ilb4oWjxyi42rqZ_MGooms10koWO7mUOuxugj2Hm7jg&sig=Cg0ArKJSzER5sNZSEshbEAE&cid=CAASFeRo_gDkUewsftGI8VkukmcsRYR0GQ&id=ampim&o=450,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=632&tls=1632&g=100&h=100&tt=1632&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3CCE
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3CCE
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3CCE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 3CCE
15 B
159 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5410&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Qt8jfS8vJBnVJ38ujkEd_oeitBxRi7HGgIkfZRs592rTGcT7SdkD9jwyDLS3IazhpfdadZHuEqwCEphT6vyh2AgJFJ5FTflyu&cme=JSsqlU6zCvbszq2VZfcmIsjDiHBH2Aa44p2MQoUXOFxMjXAbTApLdRYgXQ_jL8QBAXx6_APBfB4hwduNUVEHJs6RJH3HfOGfqOnrA3OZ4OtL9N9NJcZPdgRRHR76oMj_P_Xd4H7ecrmhYjsD2vud27oY4TNcZGUeRlT8jwFXKqTU_8adCqaHkK0Se-vX0Wr1ZRcZbBEoW1Y3rjgRSvnF_w%3D%3D%7C%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Cxrl5Md8q4--Fy0OUtnqyq87TUqV3eBzav9_8O2wUo_jlgFwn8JB2Og%3D%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CHPvI3EV-G63MEr2L7gdWc_UCZnE5wL_V-lyIQFt-9f1kKeeUlKxZXeHcR3kEvyOEjpbGLrIfbZMj4yzeR7y4fkAQiHvKD2cC4PdjFE_lK5HGWoCAgqi34W1gWpeYx1_8NWyLVpaOperrjjnE45zxfawBGVuj1Ow2fHDKrPyg8jxdTRUv-XSUer6vMBWpwb_tCwXY0WspAAbSQR6hVuxHimqgDwoa9XskYLychtv2SCc%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785168&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=30111142&kbc2[]=0%7C1%3D0.57%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.32%7C66%3D0.42%7C10%3D5.18%7C62%3D1.11%7C12%3D0.58%7C60%3D0.56%7Cps%3D0.963%7C3%3D0.09%7C4%3D4.42&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=0%7C1%3D1.51%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.32%7C66%3D1.55%7C10%3D5.18%7C62%3D1.02%7C12%3D0.59%7C60%3D2.15%7Cps%3D0.963%7C3%3D0.76%7C4%3D4.48&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Lettering+Styles&kwt[]=265&kbc[]=48855&kwp[]=3&kid[]=17388098&kbc2[]=1%3D0.52%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.32%7C66%3D1.20%7C10%3D5.18%7C62%3D1.30%7C12%3D0.41%7C60%3D0.62%7Cps%3D0.623%7C3%3D0.13%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Lettering+Styles&kwd[]=Large+Alphabet+Stencils&kwt[]=265&kbc[]=40024&kwp[]=4&kid[]=17063637&kbc2[]=1%3D0.17%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.32%7C66%3D1.55%7C10%3D5.18%7C62%3D0.84%7C12%3D0.37%7C60%3D0.16%7Cps%3D0.623%7C3%3D0.19%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Large+Alphabet+Stencils&kwd[]=Free+Alphabet+Worksheet&kwt[]=265&kbc[]=40024&kwp[]=5&kid[]=214925820&kbc2[]=1%3D0.51%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.32%7C66%3D1.55%7C10%3D5.18%7C62%3D0.72%7C12%3D0.56%7C60%3D0.50%7Cps%3D0.623%7C3%3D0.15%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Free+Alphabet+Worksheet&cid=8CUABW64L&vwid=1661605492860920198&vi=1661605492860920198&tdAdd[]=ib%3D0&vsid=3046070926835240&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=784&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=holmesmind.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785168&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1661605491135886126&sttm=1661605492671&upk=1661605493.29876&hvsid=00001661605492671029185683526066&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2Ca%2C13%2C47%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Cj3%2Ci2%2C150%2C133%2C3%2C149%2C4k%2C13a%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3046070926835240&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvFXf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wfh9X~8xLjMGvXuiHW.9X~xLjM7UNvu~Q7Ov~j1Q7v~e8QMxLjMGv9.uX~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1viF%2Cu9H~J7vW~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wfh9F~e8QMGvu9A.Ah~xLjMGv9.9f~xLjM7e8vufHF~QYYMBLvAF.iW9u~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~csRvuE~GYvu~QYYMQOvf9ff9Wfh9H~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBAgzmc%2FkPQQ%2FK0f~G7OvfHfi9WFHFWAhHFhHfiAAuWiiXHAAffXhhFHXWAfiu99iihWW9Wf9Hf99fHFuFFfh99uiHFXAXuXhhFXiAif9~OfEMjvh9~AENkvu.Xh~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGvu~myOfEMGv9.ih~exLjMGv9.uu~QQvIK~x8Bvou~NJv9~LEQMGvi.Wu~exLjMjvX9~%3DVvfhfh~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvW.WF~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.Ah~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4KVhmGGQ%2042Bx%3DGmN_R%20teN~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.FX9fhAh4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=296&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=1&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001661605492671029185683526066&subBdr=186&bdrid=313&rc=0&rand=1661605493382&acid=1ddbd3b1b35b4676b8bda238db3e0c75&matm=1661605493382&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2153&vgd_rtime=2140&vgd_etm=13&vgd_l1hcsd=O3m3f%7C5684&vgd_l1ch=1&vgd_lhl=3167&vgd_pgid=p12015441210t202208271304&vgd_adprefflag=11&vgd_csip=rtb-common-istio-766cd78bb4-tvmrr.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fadx.holmesmind.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 27 Aug 2022 13:04:53 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=46671
content-length
15
cksync
cs.media.net/ Frame 9E21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkzNjgzNTI4NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
45 B
447 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 27 Aug 2022 13:04:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame C18C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0NjA3MDkzNjgzNTI5ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
45 B
447 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 27 Aug 2022 13:04:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESEIJSp7YhSOqWIfdunUnGBGY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2BF5
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2BF5
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 2BF5
24 KB
25 KB
Font
General
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.170 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 13:04:54 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
vevent
lax1-ib.adnxs.com/ Frame B136
0
836 B
Ping
General
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&e=wqT_3QKGBeiGAgAAAwDWAAUBCPCsqJgGEJHjiPirvJX6GxgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8GmYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAk9odHRwczovL3d3dy5iZzMuY28vYS9mcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4tAR30KgFsdS1qaS15b3UuaHRtbIADAIgDAZADAJgDF6ADAaoDQRIYMTMxMzI4NjIwOTgzOTY1OTAzNV9zYmlkGhMyMDE0MzI5MzY1Njk3MDE2MjA5IgkzNTIxNzcwNzQqBU0xMTczwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNjCoBACyBA8IABAEGHgg2AQoATAAOAK4BADABADIBADaBAIIAeAEAfAEspf3pwGIBQGYBQCgBZvwpc-Y2-6cEsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab54wLaBhYKEAAAAAAAABE9aAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaPCAAMAA4iAFAAMgHANIHDQkROAE2CNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=963088324e0f28ef8251589479f3b61381be750e&type=nv&nvt=5&jm=1003&px=5&py=300&bw=120&bh=600&sid=7274604041313388480&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&sw=1600&sh=1200&pw=1600&ph=10935&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Aug 2022 13:04:53 GMT
X-Proxy-Origin
173.245.209.160; 173.245.209.160; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a8e2cf9a-644c-4a43-998d-b8acbbc9c4fb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7765
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-pDwSCit79kyhks6k4KT14NBfqJQUGJAIV8a76reIVTK0mTyZvroEj1MKkWTYFeodlGaaWW9CnYQCig6Icaqj7iygxxQtIBmBuba7AaGHloFUIPuLvv8UphAo1whCmJUAh1n1qg5YLMEE8vkGkaAh57MA3ZSyh_7Cxx5-_nQe0g6MeCHeR-e-yeYOdx0lKTgDF1qiS15W9FsUhDOOF4Hbt7_Uv65-qYxD6mfIKHjRgHlhetFGcSnklhWptkTAYQr_0iVgVpFJFrXvqMvyovX__e7jFPwPLryaOIAZjAtHUEOv7CyYBzFZL_SF0bLnqCoWafPOeRPdhTg1cHcR4EFANCx2TFwu_eO_IgM83Omq24qNv_7i55WYW5s_dzDmvA69UbJ82-zfAl6ZtVSI03MnECbBVqmeTW9KWYxCqKk9EX7pO5X6Rllyr7HcI_VOe3e8Oq6tXxV2gH5QBVq_Mf3yU3n8YvbgEMo8aIfyQd7YXFWlJ3NQ3pJvZJ-nb2xd9GJP5tp6Ye_4gX2m-b5wWkzhXKSaUYdS4peSH5x7LOEb4sVf1DpkrUX7_IDgcPsZ-qJjMYjpjG0lNJUTdmfq1Fh3yqdiQHMkLO1OFhcFsfebmCQjiXr0modvLf4zBKnIcvcd3WaISkJp42HYw5JFiQFtGE5V5uD17wLZM1s2xEXfEGVxWMhPp2HWbTuFnkgHiU7pnDrST9t99xocxzyW3x1D3Ai2alu0Xcoh0uQXT3ySa3k2ORyh87ROSPMt4otDQtMs7xC8FqDE82M4nqcfePItPSX8LnE-wTlQ2IVNYyMBkVLhX_rhZUoLRtmAkgBv5rGxtNlFIlXFCc_LJhyfZyzTqjwtBi1FtINTLDU0JEmT90RhXjoURiivOmUXjK3EtHZn6ElWJHPuxJ9avmNrQ5y2ZbQIlZPIpOo_fYH4XrlPPwKeBt4YEqCBCCr1glPC0kBQ-cxqjcOLVweJmxbv0bhq4ekYVEtyamKKfJGAEQyo9bgnUd35EDU-8_w8BzF-b4zDdpbRhuAvXUxslYBIZ7JdbTSDoqB1_m3xBLUN9vctT6EVkRt_XHKfWWZV2ELhTkANUTXvdhgEMA3n4DpYREBTL9i_ezzljrS2sVP4gw73ftwIRHnzA9myHtHQ0n8BRvS_f0pYiPPNkmeWrBqirq7ljTOrij6uNoQ&sai=AMfl-YS9kvsLwzT-FOwMQG_L8r4qW963CZOmSuKfWUMWVg3pfiOE_kqEWa4eoMx9STRGewi32p9Zep7yoQ4of-B4AVKvKR6pDUV7ttx-qKDuh29TGnnjkRLaHSzmedJSTtwC5iZje0SE2OTv&sig=Cg0ArKJSzAX91f4G59chEAE&cid=CAASFeRooWFLr0WWnJe1UXPsbYsaD2JDcw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1030&tls=2030&g=100&h=100&tt=2030&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9EED
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=2976872081566487&bg=!kpGlkdXNAAYUOm8VNDo7ACkAdvg8Wg-3_TxKZTkKbkZ-8inKPb6Woo2RYCuWXLEEAmwvqyoHbVLyGAIAAADGUgAAAAJoAQcKAKFfIrUQSzfiKuz4d1pv_KqGF0L1YGjBEzVgj3xrj8520igEuvFklPAejyzgKvFGEBpROR6_I1MmXxTXaA1ik4XTMvmkWC_gGz6zbXbbyYjjjV7T2dBBq5Qs0W6df3CuKsG4PMcM4uzaaxoxUfVJ7AhU2fPxfefu-X8KISIlQBn1pB0GAhrYyRAkRgcLCKUjtzQjWe7pGdhwvMEzMmwjZTcoUZkC3AAWZ-R6KTixVat80h_7_-G9n3kOG_Mo28pF9Xr6OIC4dxcpRK_SYbaKN7pzO85tIW84PWiggP5Y3Ww87g1sXxYxrDIyUNlpyuD5pBlN95QsS_nnfLSqZCuoxhGFSOue98x5HFomzFDRzzoagF9KwMStkBkMuPhOxdxF1mfY81WNk9b8ZLfq_O_-lppQNbJUdpHVKgZcYD-ZVjgpah4scZ6IGm79TINNGWY2hPqVdfTqvUfT_hNcSw_LRI4Co0EFrIOO3Azn5Bw4J7cZ7_uakkN8HUqNXxTdsP3TP-MKsQpBjG9dTTTv1Y-NzRnEY95niru10Reh2AtBysuty9I_qvF-XLmT5O_MaqIpBKVolJIUsyT49A1B5v-nSxUW8a0qZk2ZXXMIufyZZT7WVNm4m4pejHLPE8mR9COIZZA8z8HXwR3TxQZyGmAhmH4PLVJvLTTj2-isAA41MCYXbkHiIMi5P6-mN2Hf8cbhLtIDV38D7wk1CmlTbaqFOlJ8Jni4A-wj7oIrzbqukDxl-YG45YhBr3P2TRxIJbEmqqi79t9eT4mb2VmNH_yIlon3AFUWCqGX3J9uXSerumk0Ueg7tl6FqBWZZ0SWdgpOPyUC2UdQpw6ZF6QJo9daxctuGDwbuduKdETBNp5FF5bVBsqcsKMfwSrLXlyAp6DBiVwngo-09_Z5PIoJ42MHpVXs_J7f1guhxgi69moLypvJxVa_rSsS5UbeAUs6IiBzjvyePftg1lNeDcn_tGNXx2iExf9YT8P3Gju6sfn2m_nDF7nTk0Hy9qwExwVqmxvjauqdQJuGbESG3htIwvW6aSBpwRCYlW1O7i2GvVQiFZmFQ2JKg7NadUcqBgTCzkHJScVrS_FTwIik1tNvfN73HJH5UREcfRmP5CrflkE_TBex4i2UAbFiYyP-51nuI87vQf5zGaIhmjDkJmFEkk-Dnn1PiSSiLh-lHpnN-eO8HOgZuA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0179
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=1038135568532041&bg=!SUqlSg7NAAYUOm8VNDo7ACkAdvg8WshakH5AZRvG3m_cSqCbOOtmr8A2kpcWVHux0rWHYsCUHRGG4gIAAAC6UgAAAAJoAQeZAuSexjMg0Y2z2YVgqth9mKUH5zPBTt3Cu4HC-y6mdvAfulne_8LOPuJi04BN3vU-USzICmRwbZO6o0_3U3czhssp8Stre2rasWaCqGHfjWHkiw3M7mvA56GHrU_GZ4sreu30Qslu8vtXhH2kQlc-EhUHnoj5GzeUlZgJ4GGdV1clxESysu2YBVuuggMg8izBG51T4dl6AV-G_dfwa9BRn5nkvKScj1ETtWxURCz_RRg_ELW3N9OVWBPLFbuLVtqsDDlO4wu2805U2TMRzSmtlH9jiq-x5a01_VBbCPpsdir6g4lGy2NJaVY5HswhkxSdj1TRaceG6fFtpi-I1J13OT6fIO39vVe2Msh9IwGXI0NKMYRftyEeBtEQUcQ6W7UkSBQkKmuQx_qocYUGPOPfNWhfOxrtG_BGu49cWdP05k_9tCqgFbnTGGsMLJ-tl_kzl2sjPlMLwgfnXCNa-irnZ-rBmV9iuoT2jz2H2-HmpCNYhHNTp0kDWqps0hm4g84MuKmSRBkgUGGQOlplhCId1nzvfTdsMe5lKsj474ijtADqEBonMnf9Q2F8RZqyOpgdgQecNZt4x5SVvsduxEsG7Q0KyaiUin8GUs_426gwJVt9OWiuBfVw5H5p7xFxQuDy1U4z8Rkpkzhnt4rwnozXmLkcoFpigtVWp5vaHGu9QdbYPFdKrngfvKfobJAgNt0VH-GQi5m7e_s2YDGwJsHdpeZpJ7477X7MK2pxt6TSqLtKmuaFxATU1I6PNcok70WSFTxxqzmmGOvHagm8aIdxS8WJetfAfNTo1AkvMecppzCHxTBFLW37DAQkBfNphL2XpQGWCF2ouGDd9abXtKL9MhzqS0wxBQBnplbXnUneIxsNaniv_8JQuJJgtIVlRatdcTt2t_UBumIufmrdR1kliuYX5lfiMOjVz4ZeVFTykNB-HcDCrTN4CqHda6A4e8TQplkc3LABauVyO9cX4lGwJLnNiJL9dw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 142A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=2515766910733113&bg=!-_il-LzNAAYUOm8VNDo7ACkAdvg8Wlb30nDGzoY4iraM4C7dafn6_ncat80VfyJRvAbEUjldeSUrUAIAAAB-UgAAAAJoAQeZAqklsUjLpmMCes3M6OdQT0Z52o7ApWIwyy1Ut3efOwEvrK0jKIfWvBe8D-6kYJQzxcwEK1YkjAJNLpOBn9IwsA2u3u2hkhfqQWkUA6wd55EgDlNzH_YBmZtBfS6s0UnFiO-h2nv-gNKxULaIG_QFlRZWceQdu0ZqIMQ85PZPLZubHvng5441QShsRrczwtyijdwV6Hgt_U2-HUDjKlsN7pCYhwZXlZ5JFyd0dQS24M7tzNQrIxu--9isgeAV_YSGupILmMtr9DcryjOqUySfRXo_CdE_MeEt4OTYPvjLdTAh5VAxsdNkZYzJ8XpP0XLQEcCHxABsUoh5jW29lOBI0LYAOgts8uEzj5T6iW2RR8vh2gwYbDI1bWBvlSE3uyeBJzglDcpQCZEOc7Cn4uPma6bpPspR2YLCAOLcuF8d9xxGT-5wVzx8I27Un2ujdIGUMIjyvVcgVk_whHi0ILCbpGaN3E9E0QwoL0bW0isSdceUrY1TEKTKu8JNro2cv0rxSKUHcTy-xQIlAMIM33Tw48ZvHquTD3sNSKMPg7i-zcn3AlmBvQkdji_gT91L-dc7jAXls-QbcQ0_ba8ZsF07zuhsj04a0DJ-rDEpjvs9hWGhG6v2Y7aymIXpHVS3Vg8ZXMKN0TkIwD9zFskXmVUrOWQYMu5HSs6BybNqe7duitsagnh_EpsI2dFbRmuJmBJSCKMTwsR9DYxU7o_NPauCphtgVcHLftdHfbMeCXa7Ly2cgPX1CEyUWvhEyjAMr1qh59vEXPTLDleSh978Tg1WvnsZa0ngBare8OQ5BC9wlfs8w9ZvZlzsVuvfCvnUjVdjnRo5WKhCGSxqTEawn5n_QeuLovxQg3VnOmGhQ6TH1rOFY_ddtmdb43oE12LjkAE8vlIhV5JVgSnpUiU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

log
hblg.media.net/ Frame B136
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=1313286209839659035&s_city=los+angeles&ugd=4&bcat%3C%3E=IAB14-1%23%23IAB7-39&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=d0280a84&scrid=352177074&itypeid=21&mx_SPRIG=0&viewability=79&renderer=0&be=0&rtime=24.0&adj0=0.0&tmax=150&s_ip=104.254.150.138&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=1313286209839659035&sc=NSW&mowxReqId=90cf79fb388642a2bf17d320ccedbb0f_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bidrestime=1661605488816&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CU4JWBS7-781214713-35-1&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=90cf79fb388642a2bf17d320ccedbb0f&actltime=47&act=headerBid&iframingState=0&mx_lr_seg_deal=1&dfpBd=0.01&sckfl=0&dmm_erpm=false&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=352177074&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&mx_sid=8CU4JWBS7&tgtval=pub-appnexus-exp&__expireat=1661606089091&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&dummy_vsid=false&cbdp=0.01&pvdTmax=104&ltime=30.0&epc=781214713&prvReqId=72252282246795_138604127_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=58&apTags%3C%3E=75&mx_PC=1&wsip=mowx-ff548b566-8r7bk&currsrc_date=2022-08-26+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-27+13%3A04%3A48&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=0&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.09&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-77ffd8d77f-g4slh.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=2014329365697016209&rme=adm&bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.01~vw_exc%3D0.79~smm_bid%3D0.01~vis_sd%3D654~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082706~iurl_b%3D5509.95~url_tkc%3D0~std%3D22132338~MP%3D.*tech.*~last%3D~vis_url_b%3D0.99~ip%3D3bw0X6~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D24~rc%3D1~rps_sd%3D2022082707~vis_b%3D997.99~url_b%3D0.18~url_tvi%3D0~smm_wr%3D43.1777~ecp_eer%3D9~url_l%3D40~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DB~bm%3D1.05~smm_sd%3D2022082704~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daDTzDjEaMKA4hA~btd%3D242893839924056638882556428602181621569999897251187488849696732796512682007669964800~d2p_l%3D50~3pcf%3D326.15~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.99~vurl_b%3D0.35~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D26.16~vurl_l%3D30~CI%3D2727~nts%3D1~MP2%3D.*tech.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.85~PF%3D0~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.51~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.79016%7Ecbdp%3D0.010%7Edmm%3Dno_strategy%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dno_strategy%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&utime=4058&sf=0&cpr=0.2625703094358358&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 27 Aug 2022 13:04:54 GMT
json
gum.criteo.com/sid/
0
0

rid
match.adsrvr.org/track/
108 B
647 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
6846ec8e3f7ed8d061fcb4b2ac3e57a63d21dd885d2e71e012266269a591bd8c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Aug 2022 13:04:54 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 26 Sep 2022 13:04:54 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6BD5
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
29793
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 Aug 2022 13:04:54 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 38991
X-Served-By
cache-lga21978-LGA, cache-syd10139-SYD
X-Timer
S1661605495.567696,VS0,VE0
checksync.php
contextual.media.net/ Frame 8625
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7062c98fda4d3b0023264ee0eeb56825e6ad1154ca6f7c399b1219ba65cc82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sat, 27 Aug 2022 13:04:54 GMT
expires
Mon, 29 Aug 2022 13:04:54 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame A2E6
0
0

/
onetag-sys.com/usync/ Frame 31CA
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1661605488670
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 299F
0
0

sync
eb2.3lift.com/ Frame 2A81
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0

usync.html
eus.rubiconproject.com/ Frame 4B98
0
0

pd
u.openx.net/w/1.0/ Frame 24C8
532 B
636 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ce49f5315b30be52bd5f8f9a41a0d9abe35fd9fa7650d24d168b1966d7342003

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 27 Aug 2022 13:04:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 27 Aug 2022 13:04:53 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1063
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cs
ad.turn.com/r/ Frame 24C8
0
0

sd
us-u.openx.net/w/1.0/ Frame 24C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=66eb5718-c2c5-41f9-847a-03a744a00fbc&ttd_puid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0&gdpr_consent=
43 B
257 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=66eb5718-c2c5-41f9-847a-03a744a00fbc&ttd_puid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=66eb5718-c2c5-41f9-847a-03a744a00fbc&ttd_puid=306a1fb4-426c-77c4-e22e-61287e827b4c&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sync_before
tg.socdm.com/rtb/ Frame 24C8
0
0

3
cr-p3.ladsp.jp/cookiesender/ Frame 24C8
0
0

pixel
cm.g.doubleclick.net/ Frame 24C8
170 B
189 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMwNWNjN2UtOGIxYi0yOTYwLWY3Y2UtM2I5MWI0NjBiNTJj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Aug 2022 13:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 24C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIU0ei6o5MVEs-35n9Y5400&google_cver=1
0
0

bql.php
lg3.media.net/ Frame 2BF5
15 B
159 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5557&&&vgd_l2type=sca&fp=mXXCGSbyQ02SUlFVFMqlVDiAN0zwTFN-XbYT9H3RFxLnP4_IygMA-ZnpNch5ZxglRJvEJdFdmu1DH_R2x6ulkuKRQA9NyGTbh3UWQv3hlg7cqx5dPCZwyddZ4nOdQol6&cme=Hlzsn5Wuk_tVcJVq2Ug_hJdXnM_ZoWv2fRfg4Sq1lv7X3kxDkQL1axZK0XpJewrBMoAFg-mFWTfU4-dTu-7uqo8Sj0Z9NbaTFTVvx2J1iod8h6i2eu-Y2TD5Np5nExUyeRM3XlLSKZf7jtZXfHuRHQWKeNQUdvzIQkQ0TQ8RYDYQo7X_LcyyJTTwfQwYppIFfNIJBT8nzXs6UVz5hf78zg%3D%3D%7C%7CnrAhJd-HtFdyM14nRvTXI4kLiS0DJrj-LLzXftIhXpPhWisSJ7dXYCQRbrUvoxPfhbJ8Agguuw9bxZFTE2UM6cWyh8ex_pRuma9smOqcY0RF4ksjbvPdhQ%3D%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CRvFXxLzDEkSmWM8qdSNB_Gihhnpi2bXdas2iOTNOLnawMF4m7k38skcca_KGPnsZBObOP1HqLvtdI-0K-JrHcpSKSylpO6hftImul3iNzz4QD9NjWt-z3trx0zLvqessgy1IGHT41Iht3Lo30OmRAo2TX6v5JDBG6prVUZWyn9eZgr1H0eXoHdlPyhTnIB-g5yc6x-l8w5gX9xD6sh6veba-7Qtm7Snn5bkrzQtwHwE%3D%7Cu8A6SM53vAfcrpZuel3W3DwMTuFdyyxb%7CR0pGwT-1wLcnervD5TbKub4gKhjiBXnT%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=3&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785139&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=240&vgde_kbbh=ffoyxQJuOu99&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=329544111&kbc2[]=1%3D0.16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.27%7C66%3D1.55%7C60%3D0.31%7C63%3D0.32%7C62%3D1.75%7C12%3D0.07%7Cps%3D0.413%7C3%3D1.10%7C4%3D3.58&ktd[]=274894815488&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=1%3D1.21%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.27%7C66%3D1.55%7C60%3D1.66%7C63%3D0.32%7C62%3D1.02%7C12%3D0.53%7Cps%3D0.413%7C3%3D0.67%7C4%3D3.64&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Value+of+My+Used+Car&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=29672219&kbc2[]=1%3D0.91%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.27%7C66%3D1.55%7C60%3D0.91%7C63%3D0.32%7C62%3D1.33%7C12%3D0.73%7Cps%3D0.413%7C3%3D0.48%7C4%3D2.75&ktd[]=274911592704&ktrkt[]=Value+of+My+Used+Car&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=30111142&kbc2[]=1%3D0.56%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.27%7C66%3D0.42%7C60%3D0.56%7C63%3D0.32%7C62%3D1.11%7C12%3D0.55%7Cps%3D0.413%7C3%3D0.11%7C4%3D3.72&ktd[]=274911592704&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Online+Gaming&kwt[]=112&kbc[]=&kwp[]=5&kid[]=21238501&kbc2[]=&ktd[]=&kwd[]=Social+Networking&kwt[]=112&kbc[]=&kwp[]=6&kid[]=26415966&kbc2[]=&ktd[]=&kwd[]=Health+and+Fitness&kwt[]=112&kbc[]=&kwp[]=7&kid[]=13428339&kbc2[]=&ktd[]=&kwd[]=Cheap+Laptops&kwt[]=112&kbc[]=&kwp[]=8&kid[]=5669430&kbc2[]=&ktd[]=&cid=8CU4JWBS7&vwid=1661605492230080506&vi=1661605492230080506&tdAdd[]=ib%3D0&vsid=3046070936835270&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=784&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_katbid=-102&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785139&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POGBHUQ8&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1661605491169804570&sttm=1661605492894&upk=1661605493.5256&hvsid=00001661605492894029185683527255&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3Dh%2Ci2%7Ccsh%3D1&sbdrId=196&lineitemid=4&vgd_ecrid=352177074&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POGBHUQ8&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3046070936835270&vgde_bdata=QOfvzxjj~8xLjMjvH9~myJLEYv9.9u~eBMJ-Nv9.hi~QYYMG8Ov9.9u~e8QMQOvFXH~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9Wfh9F~8xLjMGvXX9i.iX~xLjM7UNv9~Q7OvffuAfAAW~c0v.*7JNw.*~j1Q7v~e8QMxLjMGv9.ii~8EvAGB9tF~kGGv9~e8QMxLjMjvA9~L88Ex1vu%2Cu~J7vfH~LNvu~LEQMQOvf9ff9Wfh9h~e8QMGviih.ii~xLjMGv9.uW~xLjM7e8v9~QYYMBLvHA.uhhh~JNEMJJLvi~xLjMjvH9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~csRvR~GYvu.9X~QYYMQOvf9ff9Wfh9H~Q8OvufiHWkO9k1GAWJhkhOufH1WOiX9FJuHA~QOv9~x8OvkfO1r_lrd41cCKHwK~G7OvfHfWiAWAiifH9XFFAWWWfXXFHfWF9fuWuFfuXFiiiiWihfXuuWhHWWWHiFiFhAfhiFXufFWf99hFFiiFHW99~OfEMjvX9~AENkvAfF.uX~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGvu~myOfEMGv9.ii~exLjMGv9.AX~QQvIK~x8Bvou~NJv9~LEQMGvfF.uF~exLjMjvA9~%3DVvfhfh~z7Qvu~c0fv.*7JNw.*~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.WX~0sv9~8Q8kv9~jNvA~G8Ov9.9u~ONvW~ejfLMGv9.Xu~8exLjMjvA9~QxEEj5M71yM8OvffuAfAAW~e8JB1G8j875v9.hi9uF~NGOEv9.9u9~OYYvzmMQ7L17Jy5~Qx8Ov~8zQjv9~O7NvBJQ7Mj1~O1jyvzmMQ7L17Jy5~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9u9~875EJM8Ovfu~QJjjJLM71yM8OvffuAfAAW~N1LL8JLVOv9~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvuf9-F99~GQGv9~GQEv9~7Y-vu9H&vgd_optout=0&vgd_cfud=220401&vgd_scsver=296&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=west_la&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001661605492894029185683527255&subBdr=196&bdrid=4&rc=0&rand=1661605493712&acid=90cf79fb388642a2bf17d320ccedbb0f&matm=1661605493713&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&vgd_x_pos=5&vgd_y_pos=300&vgd_ren_page_h=10935&vgd_ltimesrc=1&vgd_ltime=2831&vgd_rtime=1968&vgd_etm=14&vgd_l1hcsd=O3m3f%7C5684&vgd_l1ch=1&vgd_lhl=2867&vgd_pgid=p1360947487t202208271304&vgd_adprefflag=01&vgd_csip=rtb-common-77ffd8d77f-g4slh.LA&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F103512698%2C22574853003%2F22579309510_0__container__%7CDIV-STICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/frettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 27 Aug 2022 13:04:54 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=46670
content-length
15
sync
gum.criteo.com/ Frame 8625
0
0

multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 6AF0
0
0

cm
p.rfihub.com/ Frame BC52
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD4F
0
0

getuid
ib.adnxs.com/ Frame 8625
0
0

cksync.html
contextual.media.net/ Frame 8625
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3046070936835270...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3046070936835270000V10&type=opx&refUrl=&vid=16054946553046070936835270000V10&ovsid=f846762b-e96c-4d24-8161-1f46cc6de990
0
0

rmp1r1
sync.1rx.io/usersync2/ Frame 8625
0
0

ping_match.gif
pm.w55c.net/ Frame 8625
0
0

usersync.aspx
dis.criteo.com/dis/ Frame 8625
0
0

sync
x.bidswitch.net/ Frame 8625
0
0

/
b1sync.zemanta.com/usersync/medianet/ Frame 8625
0
0

sync
rtb.mfadsrvr.com/ Frame 8625
0
0

um
cs.emxdgt.com/ Frame 8625
0
0

async_usersync
ib.adnxs.com/ Frame 6BD5
0
0

bqi.php
lg3.media.net/ Frame B136
0
0

vevent
lax1-ib.adnxs.com/ Frame B136
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO5aT6Pe2U1Fdld7kUIuFfw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?&ld=1
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=9&gdpr=0
Domain
tg.socdm.com
URL
https://tg.socdm.com/rtb/sync_before?proto=openx
Domain
cr-p3.ladsp.jp
URL
https://cr-p3.ladsp.jp/cookiesender/3
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIU0ei6o5MVEs-35n9Y5400&google_cver=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Drkt%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D%7Buserid%7D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dpba%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3DPM_UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dapx%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D%24UID
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3046070936835270000V10&type=opx&refUrl=&vid=16054946553046070936835270000V10&ovsid=f846762b-e96c-4d24-8161-1f46cc6de990
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dr1%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D%5BRX_UUID%5D
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Ddxu%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D_wfivefivec_
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Dzem%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D__ZUID__
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3046070936835270000V10
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3046070936835270000V10%26type%3Demx%26refUrl%3D%26vid%3D16054946553046070936835270000V10%26ovsid%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Domain
lg3.media.net
URL
https://lg3.media.net/bqi.php?vgd_len=2983&lf=3&&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_l2type=sca&pid=8POGBHUQ8&katbid=-102&katen=1&cme=Hlzsn5Wuk_tVcJVq2Ug_hJdXnM_ZoWv2fRfg4Sq1lv7X3kxDkQL1axZK0XpJewrBMoAFg-mFWTfU4-dTu-7uqo8Sj0Z9NbaTFTVvx2J1iod8h6i2eu-Y2TD5Np5nExUyeRM3XlLSKZf7jtZXfHuRHQWKeNQUdvzIQkQ0TQ8RYDYQo7X_LcyyJTTwfQwYppIFfNIJBT8nzXs6UVz5hf78zg==||nrAhJd-HtFdyM14nRvTXI4kLiS0DJrj-LLzXftIhXpPhWisSJ7dXYCQRbrUvoxPfhbJ8Agguuw9bxZFTE2UM6cWyh8ex_pRuma9smOqcY0RF4ksjbvPdhQ==|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|RvFXxLzDEkSmWM8qdSNB_Gihhnpi2bXdas2iOTNOLnawMF4m7k38skcca_KGPnsZBObOP1HqLvtdI-0K-JrHcpSKSylpO6hftImul3iNzz4QD9NjWt-z3trx0zLvqessgy1IGHT41Iht3Lo30OmRAo2TX6v5JDBG6prVUZWyn9eZgr1H0eXoHdlPyhTnIB-g5yc6x-l8w5gX9xD6sh6veba-7Qtm7Snn5bkrzQtwHwE=|u8A6SM53vAfcrpZuel3W3DwMTuFdyyxb|R0pGwT-1wLcnervD5TbKub4gKhjiBXnT|&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&vi=1661605492230080506&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=196&startTime=1661605492888&l2type=sca&vgd_l1rakh=1661605491169804570&l1ch=1&sttm=1661605492894&upk=1661605493.5256&hvsid=00001661605492894029185683527255&acid=90cf79fb388642a2bf17d320ccedbb0f&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D40~ogerpm%3D0.01~vw_exc%3D0.79~smm_bid%3D0.01~vis_sd%3D654~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082706~iurl_b%3D5509.95~url_tkc%3D0~std%3D22132338~MP%3D.*tech.*~last%3D~vis_url_b%3D0.99~ip%3D3bw0X6~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D24~rc%3D1~rps_sd%3D2022082707~vis_b%3D997.99~url_b%3D0.18~url_tvi%3D0~smm_wr%3D43.1777~ecp_eer%3D9~url_l%3D40~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DB~bm%3D1.05~smm_sd%3D2022082704~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daDTzDjEaMKA4hA~btd%3D242893839924056638882556428602181621569999897251187488849696732796512682007669964800~d2p_l%3D50~3pcf%3D326.15~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.99~vurl_b%3D0.35~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D26.16~vurl_l%3D30~CI%3D2727~nts%3D1~MP2%3D.*tech.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.85~PF%3D0~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.51~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.79016%7Ecbdp%3D0.010%7Edmm%3Dno_strategy%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dno_strategy%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&matchstring=hr%3D0%7Cbcat%3Dh%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3Dh%2Ci2%7Ccsh%3D1&vgd_sc=NSW&lineitemid=4&infr=1&stime=1661605491760&vgd_ecrid=352177074&l1hcsd=l1!O3m3f|5684&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22west_la%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1360947487t202208271304&vgd_pgids=1
Domain
lax1-ib.adnxs.com
URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&e=wqT_3QKGBeiGAgAAAwDWAAUBCPCsqJgGEJHjiPirvJX6GxgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8GmYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAk9odHRwczovL3d3dy5iZzMuY28vYS9mcmV0dGVjaHVuLXhpYS14aS1saWUtcWluLXpoaS1zaGFuZy15YW4tAR30KgFsdS1qaS15b3UuaHRtbIADAIgDAZADAJgDF6ADAaoDQRIYMTMxMzI4NjIwOTgzOTY1OTAzNV9zYmlkGhMyMDE0MzI5MzY1Njk3MDE2MjA5IgkzNTIxNzcwNzQqBU0xMTczwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNjCoBACyBA8IABAEGHgg2AQoATAAOAK4BADABADIBADaBAIIAeAEAfAEspf3pwGIBQGYBQCgBZvwpc-Y2-6cEsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab54wLaBhYKEAAAAAAAABE9aAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaPCAAMAA4iAFAAMgHANIHDQkROAE2CNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=963088324e0f28ef8251589479f3b61381be750e&type=pv&jm=1003&px=5&py=300&bw=120&bh=600&sf=1&sid=7274604041313388480&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&ft=2

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| google_reactive_ads_global_state object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| listeningFors number| 3pla object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| dataLayer function| gtag undefined| google_measure_js_timing object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _mNDetails number| lnt_z

40 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: 7a062bef-2227-3322-8e5c-bd51fa577a3d
www.bg3.co/ Name: __AP_SESSION__
Value: 3cf912c7-32fc-4aaf-886c-37a12675745a
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: e3c620ed-ebeb-4833-b8f8-a9c01aa548b1
.adpushup.com/ Name: ap_uid
Value: d464e7d0-2608-11ed-9165-000d3ac6927e
.adpushup.com/ Name: ap_usid
Value: d464e7d1-2608-11ed-9165-000d3ac6927e
.openx.net/ Name: i
Value: e3c620ed-ebeb-4833-b8f8-a9c01aa548b1|1661605488
.prebid.a-mo.net/ Name: __amc
Value: 1_1661605488_1661605488
.a-mo.net/ Name: amuid2
Value: 44fe1ebd-2645-4685-9ce3-0d5870692cba
.prebid.a-mo.net/ Name: sd_amuid2
Value: 44fe1ebd-2645-4685-9ce3-0d5870692cba
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw8KyomAY4AUABSAEQ8KyomAYYAA..
.adnxs.com/ Name: uuid2
Value: 4935468557941728842
.rubiconproject.com/ Name: khaos
Value: L7BX08OU-X-8AVE
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMI8yurx69PghLUyebV3a1stBl74NJeAz/mzyunf5g0dsy5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.bg3.co/ Name: __gpi
Value: UID=00000921b21e0a69:T=1661605489:RT=1661605489:S=ALNI_MZWy2XmVIb8LH6Oam0Pug0_O4MZ5A
www.bg3.co/ Name: qcSxc
Value: 1661605489415
.teads.tv/ Name: tt_viewer
Value: 1ec59416-f578-4060-9ad0-7981a77eb5d2
.quantserve.com/ Name: mc
Value: 630a1671-7fa5d-dc07f-39800
.bg3.co/ Name: __qca
Value: P0-1406094425-1661605489412
.doubleclick.net/ Name: IDE
Value: AHWqTUm4TiwYRzL6OYXitQ1EHk-3SXczqX0kulq8JPSJUi0nW3jLKWfh8-pnk0a5FZY
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661605490.1.0.1661605490.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1212040557.1661605490
.bg3.co/ Name: __gads
Value: ID=385c6467c989c131:T=1661605489:S=ALNI_MZb3oZ0N64Xv2Bnk6eGdOfu3ghTSg
.adsrvr.org/ Name: TDID
Value: 66eb5718-c2c5-41f9-847a-03a744a00fbc
.casalemedia.com/ Name: CMID
Value: YwoWdcgTHpa4MY-Qthh88QAA
.casalemedia.com/ Name: CMPS
Value: 845
.casalemedia.com/ Name: CMPRO
Value: 845
.ctnsnet.com/ Name: cid_c89c7a3f0b8e4016a450508ba983961d
Value: 1
.ctnsnet.com/ Name: gid_CAESEBlEfmoRojelpEWjhS8yGno
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi0j97p7o2EOxAFOAE.
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.media.net/ Name: visitor-id
Value: 3046070936835270000V10
.lijit.com/ Name: ljt_reader
Value: FN0wBGZHBZ1CRQpZSYWmhGjd
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A2A4C7F0-6CD5-4512-8DFF-A1297C84F74C
.media.net/ Name: data-ttd
Value: 66eb5718-c2c5-41f9-847a-03a744a00fbc~~1
.casalemedia.com/ Name: CMTS
Value: 267
.inmobi.com/ Name: idsp_c
Value: 6a26be16-e21c-4dde-a4a6-af2ed49b5e73
.media.net/ Name: data-g
Value: CAESEIJSp7YhSOqWIfdunUnGBGY~~10

8 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22152624563774328125&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=63845009983&ga_cid=amp-6-J3JV8ln4DyLWd_OBUk5w&ga_hid=9983&dt=1661605487417&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffrettechun-xia-xi-lie-qin-zhi-shang-yan-xia-lu-ji-you.html&bdt=2499&dtd=292&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvZnJldHRlY2h1bi14aWEteGktbGllLXFpbi16aGktc2hhbmcteWFuLXhpYS1sdS1qaS15b3UuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520751&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491651&bpp=3&bdt=465&idt=295&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=1605525451437&frm=8&ife=1&pv=2&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ynnhoub56t0m&fsb=1&dtd=316
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093739&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661605491654&bpp=2&bdt=468&idt=332&shv=r20220822&mjsv=m202208250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1605525451437&frm=8&ife=1&pv=1&ga_vid=188311204.1661605492&ga_sid=1661605492&ga_hid=200177508&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069064%2C31069172%2C31064018&oid=2&pvsid=1038135568532041&tmod=1100051554&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.b8wzoz5z7vhe&fsb=1&dtd=337
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

662c115c0e3ccb5729ad6c5f93c0b573.safeframe.googlesyndication.com
934150ba64037595b99cf76f8cc62da6.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bidder.criteo.com
cat.sg1.as.criteo.com
ccd5150b2641588b54634302df65e07b.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.jp
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-984379383978768384.ampproject.net
delivery.adrecover.com
dis.criteo.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
ius.ctnsnet.com
js-sec.indexww.com
lax1-ib.adnxs.com
lg3.media.net
match.adsrvr.org
mweb.ck.inmobi.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel.quantserve.com
pm.w55c.net
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb.adxpremium.services
rtb.mfadsrvr.com
rtb.sg1.as.criteo.com
rules.quantcount.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync.1rx.io
sync.aralego.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
us-u.openx.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.turn.com
ads.pubmatic.com
b1sync.zemanta.com
cm.g.doubleclick.net
contextual.media.net
cr-p3.ladsp.jp
cs.emxdgt.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
js-sec.indexww.com
lax1-ib.adnxs.com
lg3.media.net
p.rfihub.com
pm.w55c.net
public.servenobid.com
rtb.mfadsrvr.com
secure-assets.rubiconproject.com
sync.1rx.io
tg.socdm.com
us-u.openx.net
x.bidswitch.net
103.229.10.211
104.16.87.20
104.17.25.14
104.18.19.126
104.211.156.162
104.254.148.251
104.254.151.68
104.26.2.91
104.26.5.103
104.45.178.220
13.227.254.108
13.227.254.119
13.76.45.37
135.125.163.79
142.250.4.132
142.251.10.156
142.251.12.113
142.251.12.147
142.251.12.157
142.251.12.97
145.40.89.200
151.101.1.108
172.217.194.155
172.253.118.132
172.253.118.94
172.253.118.95
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.141
182.161.73.142
182.161.73.145
182.161.73.148
209.191.163.152
209.58.188.181
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.183
34.107.148.139
35.186.193.173
35.244.159.8
35.72.150.84
42.99.128.160
42.99.128.170
42.99.140.161
42.99.140.201
46.137.217.248
51.79.234.100
52.223.40.198
52.51.145.107
52.84.251.100
64.120.88.131
64.74.236.191
67.199.150.81
69.16.175.10
69.173.158.65
74.125.130.155
74.125.200.154
74.125.24.132
74.125.24.156
74.125.24.157
74.125.24.94
84.17.37.44
0054b3a920f40c3dce6071d17392be43591699d507882788f429bb8db7d3f570
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0346ab5a96c6a4791857bc561062e9fc4a4da217e313a346301a3cca9d4d4e92
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
07c9514d479841e0d951c676a6953e57ae21c38e5600994ed208b8fdf694d199
085ea12022594c152e1b5494e17c136399352cef86fae9228e0ac91109c5670f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0962992388017b566b3a129965a7dcd3da217015293874236154b9d4613f176e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c58544061d214763994239abcbcdcce90e8701e1d8ae99677d1d5b004f84083
0cd9528219ef70262bf6d74aaf63531acf8e2ab42f97aa8c3dd16981715c8114
0eca7e79db55f3157420b914bf536d0a110490409d178d41159bfa242b486ee3
112440d87c2f699e23fd61a0e6a408cd84ae1a5ed31350afb0b2a7e27a626e04
1357c86a4e45e3952db994d4675927cb7b2f86c24b79d06df1e6b569e59c3d48
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15446508429de64433a71df2c087fe46a64ce0acaae7cc3fea16863f87533fbe
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18a6fc4b79a6db4fba28c841d4268c65e3a1a501d89424a02af57419e23ca280
19cafd6b3b7d4a9749f727caa20956e00a703103be6289d325954f03b15a4c1a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1f858d8299192b5ca34af0690afa23f1dac2beece41926a34f1709bfbc4ef37a
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
25fcf0806bf713ff336d57c035de6c134c3df5e45571cae6bc6330e0d7541b20
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26a4252e292a4f69e01c0ea9b8055c61ef1fb66f59164bcf68c1a7e0cc96f45f
2e01e1a85b9fe90e524e05f308d43d9046322bd507c6cfcfe155a84f04001fb9
310d6154eb3b7f4dd01b96460cf6e2c15612455be57a900a85632965bb2f9aca
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36df198b5853cb6a659189147fadeb7e4a8939bce04a509d7cc8c8d77327ff17
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
418697da4b44e32914ee7bd55cd76f4357482f63e5300f4933b376e783049721
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
4242b94ce98cb9817eadddce9155e017482314faeca6213ba2e8c7bbdd2ed0c0
426672611bbbc647117d08bde6639d92d1e87f0c28396dcd455acb8b7b6fee2f
436258a61b89ee88ab203ef06fd731594564a0abc0c02dbdf48984f962911ee2
45421b1117999f41f0a77836862ef980fced68b7ef2187e52a69f9498c5d0394
48b36b1879dbd6ce673a05b43b340a10f4c8232553f0897d9ccd97303bce0512
4b1cd67cf729be0ce796042faf438acea34dcbcf8fc36379614abc4416ab243a
4bb41cfdf507ba614e8f2a51a78f3dd68f519196db9d9cb052167ce3463f4316
4dc189b45c6485c80edecc3b8b60fdd033b1408ec6e11fa940f4ac977a8d8904
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548d272b46050f15d85562546e94c5488be5789930c34b019be8e553aa9c995d
54c1ea9ca5901b92a1ab310900602091458061c2773de65f9001907efe7f54c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5b75fc97f12153262c1bea6a3f0a55292f0238da4e4f312946a7482aa128ac35
5c6e81664d4eceb22dec97dcfdf650d9043fe61c43c6a0bcfb8cb545a3bb6317
5c78e1a303886cac32f78421019b58a14d3b74d8eb268802db33e6437d4b7923
5d3ec097e4d388b45acf79691a9b664ab7a18cd0f115ebc40dd2c3b057675cd0
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62303a8bdeeab2dd019e885346daaf8ede1130860dc8a81015a24b1d45c0668a
655af67ebe93f6012d7326e7bdee1359cacba6e681f757dd56c54cd4bbf78569
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680a29be3f13a3483a4194555684bdcc7064476c95da922cc011af5b26e8153d
6846ec8e3f7ed8d061fcb4b2ac3e57a63d21dd885d2e71e012266269a591bd8c
695071987c12a1ad595b0bff4d16ef2b43401b5bb83bb67a64b854d3089b8ea1
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d22d62449376f9a0b47bab525f433d016f962f7e5507641d25ab86e9f0fb246
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dd09c80d743e5c5e9bd8ab6ceed8f1a48d40e914681043e0cacd30f584ec1df
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72f1d89a509fe4d5299f212708cfd03ae7987d73a9148ae660575414afdc9ecc
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73cebcd1f01c0af24cf0b3dfdc4989de4feed5f04fc5d399f6096d5194201400
740ffa5ffc4ed6a504bcc5f6f9fe5bcd3af393bf1a3d621944bac18722075553
76c183c04077fce70fc2db1992cb7c178c323d5a9ba54300fa3d773b50e2a1af
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a84b4e7610de90beff7f1efea51e39aaf7ca64e3996a2479fc3aadba1601515
7a8e969e32d42428484be3c622fb81717c6a213ec2db7fb068c46614bb8c6115
7e1d89a2853fa4deb7da5d312fc314996980c1e8d6c603fe8aff8b825e451bab
7f45d8142061f8f4202823f6f63a809d0f99783ef6958407e14166538b80632c
7fb70ba34e95710c4ca6e83db74f6adf908bb3d2d193c4b4f17b4dbf550bc354
7fbe43670adc1b1355a02414c9a7568e7bc75a72c90521dace689a6adc62e380
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
85e0d236edb3aa4832ad8f75bf295bcc6ece1e607b0d74707776eb12f8034ad2
8a0c1c270cb5596a9d3173f7c23568083fc137d184179101e02a54ed205b2853
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b37c9eae1b2195454bbe1e66949dbb6e685610435bae8d8f5c0ffc4a057f643
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8c03afe161b10b51214f2528481a2d43a401b5df3a5597613e4212348309b8eb
8c2bd1ef66bd7bf19048d1caeb635ec749de0b96f86580bc16242aa9d9f56dd8
8c4ad01d08f0011b7d553e918c6d359cdbe076e847d074adad1fe0f8c557333b
8d0377b1685d345fd261f141bfae113c9e8135fc805c73a659d3a786f928512b
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f2cf341750d3b307949d4aeaf4822e6747548779aed9d4e9f251bf0a3741cd2
8fee654b0181484237a2ef15cafbb05b9672af9839c16bbf93a7e47b93fef884
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
968de6d4e2b0a1aab3bbec4ecad8ee920c6dd1fb87a7d96965c34aa75dd3ddf8
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7
97c27ca9d701c1bc25d74a3891f924013a985448df21029e41e484d1642032c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3eae4292163b775684350c0ecd69b5c054a27a11b702736c54068d07541c54
a0959a3ef0c2403f6026292415a5ecd2f9eabf8d11ff040609eb8c5d88734810
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a23f3ab75520683eca1f3dd55eabd046fa3eb1757df256d7e6fc8a7c5ca2ce28
a262a5112396b9c0482177af06d68b939c66fcd4600fd6f89467e7131662741c
a290667465aa84f46612254766040676178b0e3159da30729d1fe455c38ec05e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3091ebecde91deb56d669ff7133df84f03b3b03bc1865d79ea285931bd59c55
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a38aa390f7121eddf5ead56cd065be2d1a21dc1d2849a5878d7f78c6c99dfd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
ac75a3a92e9c575d688506eb5ae2ea99b56978554ec7f869fd3c07c07975b946
ad60e3be7f4d97123ac3615e2f7230d09ac303d67025d91cf12c19777081628a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afb64c0ac0ff75a8ede1c6c9d9cd7065b3bbf7f98b7bc25ab4079aa04354414f
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b37bd059a2794987b85d962dab8732d3f4a9df0ef8ebf9767131949e1f2198d5
bb6c8503e3a93e9a64147ebf3438ed7981d4309f92c25611fe9b029d9fa044cf
c29926b9ad980ae58538fa8aa23b29a626379d648d4f31270af5fac26e724c15
c3ca3f47ae641ef3f739380d5807f6ff7e7790170c80746ec722cb5809589c5a
c453de61916f32a1ea1d3962ed9f59c1b3b0e0ffa3f05fa1781d3cb07fecc44e
c643d21f6601f5e7342c02e57504609a3d55fad8bc167f5b09e9b0b9400bab2f
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8312a2de149eff593e775bde3266115e41d074a592cf91a2b0f636a0c293ecf
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c93237ed2d3ea7fd72f147acd808dc55ac1645c54d4f75c1aaf6dd5b24c26a75
cbcdb4c75801db2fc6e6686038fd68c3512f262c3e256ef1df50978975a699e5
ce49f5315b30be52bd5f8f9a41a0d9abe35fd9fa7650d24d168b1966d7342003
ce888eff79ddf55f5aec373177d152da27406a08145668aea1e1fea0844e2638
d1555f710e3e03e1b2a96c77e01a8d363d3d2617884e6a42f2dd7211c1b4dc07
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d7689a57b0416971095f20696868bcb7a23d9797bd19917709e794bc51058730
d9d0eba257f42eb63ae63882963492f2810f431e7f9fba85de1eef04a90cad49
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
dc4764cec9d43cd7e2fc41759b4fcca5dd0e466d6b772d9d5269e93f8f229cd5
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df25595198d8e23e02a255be79b6a61b60fab15b874df949ba894c9997f1fdab
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa30c002ae349bd9deea49bba12643d4f45ce804ec09a6ea72597094f26efa4
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44bf64365025aa3e687241dfda1dee8a8e0e2a6586d5005fd666986923eead5
e7a634c391e048608f5b2ff3d634b0353e516bd3f627cb84c03c45729631c9ff
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8d8bfd98539e33026741ab2c3c67de7d218f6bfe4ac2b2d5a76270e4a045f66
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f219e67bb11c9a8f7b89e0e4913886e5a272afd176bdf1eebe4ca1a84a9e16ab
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f635632e2628ccd042ca87a2c91b47aba7e93229144d513527b98654669ad2b3
f64003cbe1aab2a61268e31c2e1d062ee24c5babd4f205c1879b6534dd2960b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68da585bb661e8001ba4c70e8ada2ccc64dfffac368fd8c514d2f1cf2cadcf2
f7062c98fda4d3b0023264ee0eeb56825e6ad1154ca6f7c399b1219ba65cc82e
f7555cb46baf7c93d1b7947f5ce8ac2c61e67a5b201ebd720befde8ffd6fc47c
f805a9e156dd05799e3f01a02726beb1830c39a30c85003581f4b4069d43e997
f897d8b843023a9b619bea24c98a05bd57dc9771de8f0ab63ef66c0a038ab14c
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd
fd862efe970dbc8b2bc627771371f5d92be3bb7eadaa95c2b30f5561fd36c872
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e