urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Submission: On August 28 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 9 countries across 107 domains to perform 512 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
15 142.251.12.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
3 64.120.88.131 133752 (LEASEWEB-...)
19 104.26.3.91 13335 (CLOUDFLAR...)
18 111 172.217.194.156 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
11 74.125.200.156 15169 (GOOGLE)
8 172.217.194.154 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
3 104.211.156.162 8075 (MICROSOFT...)
7 13.76.45.37 8075 (MICROSOFT...)
3 172.217.194.139 15169 (GOOGLE)
2 17 74.125.24.154 15169 (GOOGLE)
2 142.250.4.155 15169 (GOOGLE)
4 142.251.10.157 15169 (GOOGLE)
2 13.33.33.91 16509 (AMAZON-02)
5 172.217.194.132 15169 (GOOGLE)
2 4 103.229.10.211 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 23.207.181.47 16625 (AKAMAI-AS)
1 2 145.40.89.200 54825 (PACKET)
3 14 34.98.64.218 15169 (GOOGLE)
5 9 104.254.151.120 29990 (ASN-APPNEX)
3 51.79.234.101 16276 (OVH)
1 34.107.148.139 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
1 54.36.238.155 16276 (OVH)
1 13.251.219.40 16509 (AMAZON-02)
13 52.18.151.34 16509 (AMAZON-02)
3 54.238.123.46 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
3 17 104.18.18.126 13335 (CLOUDFLAR...)
37 74.125.200.132 15169 (GOOGLE)
1 13.227.254.11 16509 (AMAZON-02)
1 11 142.251.12.103 15169 (GOOGLE)
1 13.33.33.86 16509 (AMAZON-02)
4 10 172.217.194.157 15169 (GOOGLE)
1 2 23.213.141.184 16625 (AKAMAI-AS)
8 142.251.10.154 15169 (GOOGLE)
4 23.213.140.75 16625 (AKAMAI-AS)
23 74.125.24.149 15169 (GOOGLE)
4 4 89.207.22.140 41041 (VCLK-EU-SE)
1 5 172.64.152.245 13335 (CLOUDFLAR...)
5 6 185.84.60.29 198622 (ADFORM)
5 8 104.18.19.126 13335 (CLOUDFLAR...)
1 1 13.33.88.29 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
10 11 64.202.112.31 23352 (SERVERCEN...)
6 6 103.229.206.240 30419 (MEDIAMATH...)
2 4 202.131.200.84 17941 (BIT-ISLE ...)
2 2 34.239.50.221 14618 (AMAZON-AES)
1 1 52.220.84.85 16509 (AMAZON-02)
1 183.79.249.252 24572 (YAHOO-JP-...)
4 69.174.120.107 3257 (GTT-BACKB...)
2 182.161.73.129 55569 (CRITEO-AS...)
1 54.174.78.62 14618 (AMAZON-AES)
3 4 103.71.26.125 132134 (SPOTX-AS-...)
6 6 52.74.162.2 16509 (AMAZON-02)
1 2 23.52.171.154 20940 (AKAMAI-ASN1)
5 7 50.116.239.135 6336 (TURN-US-ASN)
16 17 3.33.220.150 16509 (AMAZON-02)
9 9 35.213.12.39 15169 (GOOGLE)
2 2 13.115.216.134 16509 (AMAZON-02)
5 8 52.221.138.76 16509 (AMAZON-02)
3 3 169.44.180.92 36351 (SOFTLAYER)
2 103.229.206.241 30419 (MEDIAMATH...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 23.207.180.246 16625 (AKAMAI-AS)
11 23.207.180.23 16625 (AKAMAI-AS)
3 10 52.223.2.229 16509 (AMAZON-02)
1 23.72.44.183 16625 (AKAMAI-AS)
3 11 23.9.185.218 16625 (AKAMAI-AS)
1 18.161.111.41 16509 (AMAZON-02)
2 2 124.146.215.50 2514 (INFOSPHER...)
1 1 13.33.88.36 16509 (AMAZON-02)
2 2 13.33.88.20 16509 (AMAZON-02)
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.98.194 ()
2 2 35.213.93.179 ()
1 13.107.21.200 8068 (MICROSOFT...)
5 9 52.46.128.147 ()
3 3 104.69.148.168 ()
2 2 198.8.71.128 ()
4 23.207.180.199 16625 (AKAMAI-AS)
15 15 74.118.186.45 ()
1 21 54.238.120.71 ()
2 23.213.140.31 ()
3 3 13.251.132.205 16509 (AMAZON-02)
2 2 182.161.73.146 55569 (CRITEO-AS...)
2 2 3.121.135.16 ()
2 34.204.58.250 ()
9 12 69.173.158.64 ()
1 119.161.10.11 ()
2 3 52.95.122.74 ()
1 1 52.203.149.43 ()
3 3 13.250.207.233 ()
6 6 18.180.125.109 ()
1 1 64.38.119.27 ()
1 104.18.12.76 13335 (CLOUDFLAR...)
1 54.199.197.118 ()
1 2 23.106.127.52 ()
1 2 3.229.251.39 ()
4 4 209.191.163.209 ()
1 1 72.34.250.75 ()
1 103.231.98.197 ()
3 3 104.254.151.68 ()
3 169.197.150.7 ()
2 67.199.150.81 ()
2 2 74.214.196.131 ()
3 23.106.127.53 ()
3 5 35.190.60.146 ()
1 1 8.43.72.97 ()
3 3 35.227.202.26 ()
2 2 107.178.244.193 ()
1 1 18.155.68.53 ()
3 4 66.225.223.63 ()
1 1 52.54.63.203 ()
1 132.226.63.138 ()
2 2 54.179.176.90 ()
4 4 151.101.130.49 ()
2 2 185.184.8.90 ()
14 103.231.98.194 ()
1 1 18.138.18.111 ()
1 54.178.84.241 ()
1 1 35.186.193.173 ()
1 1 139.162.23.100 ()
6 67.199.150.86 ()
1 2 151.101.193.44 ()
1 1 104.19.173.108 ()
1 195.5.165.20 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
3 103.231.98.195 ()
1 1 34.102.253.54 ()
1 3.115.174.50 ()
512 98
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
15    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
19    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
111    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
www.googletagservices.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
11    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
securepubads.g.doubleclick.net
8    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
adservice.google.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-42268595762681362673.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
feedback.adrecover.com
e3.adpushup.com
3    172.217.194.139 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f139.1e100.net
www.google-analytics.com
17    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
2    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
partner.googleadservices.com
4    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
adservice.google.com.au
2    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
5    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com
67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
4    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.207.181.47 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-47.deploy.static.akamaitechnologies.com
a.teads.tv
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
14    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
9    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
3    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    54.36.238.155 (France)

ASN16276 (OVH, FR)
PTR: ip155.ip-54-36-238.eu
rtb.adxpremium.services
1    13.251.219.40 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-219-40.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
13    52.18.151.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    54.238.123.46 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
17    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
37    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
11    142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net
www.google.com
1    13.33.33.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-86.sin2.r.cloudfront.net
pxl.qccerttest.com
10    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
2    23.213.141.184 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-141-184.deploy.static.akamaitechnologies.com
sync.teads.tv
8    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads4.g.doubleclick.net
4    23.213.140.75 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-140-75.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
23    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
s0.2mdn.net
4    89.207.22.140 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-login-ds.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
5    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    13.33.88.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-29.sin2.r.cloudfront.net
s.ad.smaato.net
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
11    64.202.112.31 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
6    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
2    34.239.50.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-50-221.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.220.84.85 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-84-85.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    183.79.249.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
cksync.yahoo.co.jp
4    69.174.120.107 (Avondale, United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
tpsc-sgc.doubleverify.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    54.174.78.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-78-62.compute-1.amazonaws.com
partners.tremorhub.com
4    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
6    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.52.171.154 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-154.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
17    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    13.115.216.134 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-216-134.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
8    52.221.138.76 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-138-76.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    169.44.180.92 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 5c.b4.2ca9.ip4.static.sl-reverse.com
um.simpli.fi
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.207.180.246 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
11    23.207.180.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-23.deploy.static.akamaitechnologies.com
contextual.media.net
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.72.44.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
11    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    18.161.111.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-41.mrs52.r.cloudfront.net
public.servenobid.com
2    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    13.33.88.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-36.sin2.r.cloudfront.net
cr-p3.ladsp.jp
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-pall.ladsp.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN- ()
p.adsymptotic.com
2    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
9    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
3    104.69.148.168 (None, )

ASN- ()
stags.bluekai.com
2    198.8.71.128 (None, )

ASN- ()
p.rfihub.com
4    23.207.180.199 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
15    74.118.186.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
21    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
2    23.213.140.31 (None, )

ASN- ()
cs.media.net
3    13.251.132.205 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-132-205.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    3.121.135.16 (None, )

ASN- ()
rtb.mfadsrvr.com
2    34.204.58.250 (None, )

ASN- ()
cs.emxdgt.com
12    69.173.158.64 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
1    119.161.10.11 (None, )

ASN- ()
ads.yahoo.com
3    52.95.122.74 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    52.203.149.43 (None, )

ASN- ()
nep.advangelists.com
3    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
6    18.180.125.109 (None, )

ASN- ()
match.prod.bidr.io
1    64.38.119.27 (None, )

ASN- ()
bttrack.com
1    104.18.12.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    54.199.197.118 (None, )

ASN- ()
g2.gumgum.com
2    23.106.127.52 (None, )

ASN- ()
ssbsync.smartadserver.com
2    3.229.251.39 (None, )

ASN- ()
x.yieldlift.com
4    209.191.163.209 (None, )

ASN- ()
ce.lijit.com
ap.lijit.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
1    103.231.98.197 (None, )

ASN- ()
image8.pubmatic.com
3    104.254.151.68 (None, )

ASN- ()
secure.adnxs.com
3    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
2    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
2    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
3    23.106.127.53 (None, )

ASN- ()
rtb-csync.smartadserver.com
5    35.190.60.146 (None, )

ASN- ()
id.rlcdn.com
idsync.rlcdn.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
3    35.227.202.26 (None, )

ASN- ()
odr.mookie1.com
2    107.178.244.193 (None, )

ASN- ()
pixel.tapad.com
1    18.155.68.53 (None, )

ASN- ()
aa.agkn.com
4    66.225.223.63 (None, )

ASN- ()
sync.outbrain.com
1    52.54.63.203 (None, )

ASN- ()
sync.ipredictive.com
1    132.226.63.138 (None, )

ASN- ()
sync.technoratimedia.com
2    54.179.176.90 (None, )

ASN- ()
ad.360yield.com
4    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
14    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    54.178.84.241 (None, )

ASN- ()
dps.jp.cinarra.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    139.162.23.100 (None, )

ASN- ()
gocm.c.appier.net
6    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
2    151.101.193.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
1    104.19.173.108 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    3.115.174.50 (None, )

ASN- ()
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
104 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com
67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
1 MB
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
661 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image8.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
45 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
52 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
dsum.casalemedia.com
23 KB
23 gumgum.com
usersync.gumgum.com
g2.gumgum.com
rtb.gumgum.com
7 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
540 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
246 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
5 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
9 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ads.yahoo.com
10 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
327 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
9 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
contextual.media.net — Cisco Umbrella Rank: 537
cs.media.net
19 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
us-u.openx.net — Cisco Umbrella Rank: 399
u.openx.net — Cisco Umbrella Rank: 705
jp-u.openx.net — Cisco Umbrella Rank: 9434
3 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
e3.adpushup.com — Cisco Umbrella Rank: 17352
231 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com
28 KB
12 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
9 KB
11 1rx.io
sync.1rx.io
7 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
7 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
4 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
5 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
tags.mathtag.com — Cisco Umbrella Rank: 3512
4 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 471
tps.doubleverify.com — Cisco Umbrella Rank: 475
tpsc-sgc.doubleverify.com
220 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
r.turn.com — Cisco Umbrella Rank: 3005
3 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
2 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 612
cm.adform.net Failed
3 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
dis.criteo.com — Cisco Umbrella Rank: 712
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
997 B
5 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
3 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 521
2 KB
4 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2792
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2749
pubmatic-match.dotomi.com
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
173 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
11 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 mookie1.com
odr.mookie1.com
807 B
3 deepintent.com
match.deepintent.com
99 B
3 adgrx.com
cm.adgrx.com
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
2 KB
3 bluekai.com
stags.bluekai.com
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
sync.teads.tv — Cisco Umbrella Rank: 1030
767 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
519 B
3 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
feedback.adrecover.com — Cisco Umbrella Rank: 29164
11 KB
2 pippio.com
pippio.com
716 B
2 taboola.com
trc.taboola.com
match.taboola.com
561 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
623 B
2 tapad.com
pixel.tapad.com
630 B
2 contextweb.com
bh.contextweb.com
1 KB
2 yieldlift.com
x.yieldlift.com
1 KB
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
969 B
2 adsymptotic.com
p.adsymptotic.com
551 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
2 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com — Cisco Umbrella Rank: 1405
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5040
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 652
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
56 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
996 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
1001 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
1010 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
73 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
1 playground.xyz
ads.playground.xyz
463 B
1 linksynergy.com
tags.rd.linksynergy.com
390 B
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
406 B
1 appier.net
gocm.c.appier.net
395 B
1 ctnsnet.com
ipac.ctnsnet.com
457 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ambientdsp.com
cm.ambientdsp.com
653 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 agkn.com
aa.agkn.com
671 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 bttrack.com
bttrack.com
670 B
1 advangelists.com
nep.advangelists.com
232 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
668 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
225 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1001
183 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3598
620 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 681
502 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2858
218 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 740
675 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 277114
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
680 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-42268595762681362673.ampproject.net
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
512 107
Domain Requested by
62 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
55 cm.g.doubleclick.net 22 redirects googleads.g.doubleclick.net
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
37 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
pagead2.googlesyndication.com
23 s0.2mdn.net googleads.g.doubleclick.net
www.bg3.co
s0.2mdn.net
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
21 usersync.gumgum.com 1 redirects contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
19 static.bg3.co www.bg3.co
17 match.adsrvr.org 16 redirects cdn.adpushup.com
public.servenobid.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 simage2.pubmatic.com ads.pubmatic.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
14 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
www.bg3.co
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
eus.rubiconproject.com
g2.gumgum.com
11 sync.1rx.io 11 redirects
11 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
11 b1sync.zemanta.com 10 redirects googleads.g.doubleclick.net
11 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 s.amazon-adsystem.com 5 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
9 x.bidswitch.net 9 redirects ads.pubmatic.com
9 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 pixel.rubiconproject.com 5 redirects www.bg3.co
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 ssum-sec.casalemedia.com 5 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 image2.pubmatic.com ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 ups.analytics.yahoo.com 6 redirects
6 sync.mathtag.com 6 redirects
6 c1.adform.net 5 redirects ads.pubmatic.com
6 e3.adpushup.com www.bg3.co
5 ad.turn.com 5 redirects
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 4 redirects
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 token.rubiconproject.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync-dsp.ad-m.asia 2 redirects googleads.g.doubleclick.net
ads.pubmatic.com
4 a.tribalfusion.com 1 redirects 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
ads.pubmatic.com
4 cdn.doubleverify.com googleads.g.doubleclick.net
www.bg3.co
4 www.googletagservices.com googleads.g.doubleclick.net
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 odr.mookie1.com 3 redirects
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 match.deepintent.com ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 cm.adgrx.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 stags.bluekai.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 um.simpli.fi 3 redirects ads.pubmatic.com
3 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pixel.quantserve.com 2 redirects www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 tpsc-sgc.doubleverify.com cdn.doubleverify.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pixel.tapad.com 2 redirects
2 id.rlcdn.com 1 redirects ssbsync.smartadserver.com
2 bh.contextweb.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 tags.mathtag.com 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
www.bg3.co
2 pool.admedo.com 2 redirects
2 r.turn.com 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 tps.doubleverify.com cdn.doubleverify.com
2 sync.srv.stackadapt.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 aa.agkn.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 image8.pubmatic.com public.servenobid.com
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 nep.advangelists.com 1 redirects
1 ads.yahoo.com www.bg3.co
1 c.bing.com eb2.3lift.com
1 cr-p3.ladsp.jp 1 redirects
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 ads.yieldmo.com 1 redirects
1 y.one.impact-ad.jp googleads.g.doubleclick.net
1 s.ad.smaato.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 feedback.adrecover.com www.bg3.co
1 d-42268595762681362673.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 sync.crwdcntrl.net Failed public.servenobid.com
0 uipglob.semasio.net Failed public.servenobid.com
0 cm.adform.net Failed public.servenobid.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
512 165

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.adrecover.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-22 -
2022-09-24		 2 years crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.a-mo.net
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh

This page contains 92 frames:

Primary Page: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Frame ID: 47D9876D6A0BBAD68003FF07D73FD6F2
Requests: 100 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FB0E3FC2C385DA1D81011E98066CB202
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6033CC470308301E7752F1A3A1F280DB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 5591FACDE94810BA22F8EB2E2282880F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AD056D46BFEE989B138680A7D2DEDE6F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26409948333996239669&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3009&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=7799005149&ga_cid=amp-7CyGMWah7TnXWr9O9EIxJQ&ga_hid=5149&dt=1661721557095&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&bdt=2295&dtd=370&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A6CDC86D67B538744584BF3FD91D6769
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: F8D20DA8EAEC768942E210E12D14FB7F
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 0D923BC1E1BA24D1B075E327DD3C4556
Requests: 8 HTTP requests in this frame

Frame: https://416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0E34E6A9E0760BB2F81A73F46E972864
Requests: 1 HTTP requests in this frame

Frame: https://67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E073E3EF9586AAAE422AD52F534D6C7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Frame ID: 42AFA115DCAF61FDB49C736DB99FCE7D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Frame ID: 98C7CE16134D1401D2036BCE27C8D9BC
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 43C5B42D4A4FF1C52A7E21B2586A3C82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92CE2574B4419C232A97FB88F6263AFC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 485B73072EAF2C94F8A6A474100AFE2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F628A1CDAAC6B7AA6ADC7C54BE871FC7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Frame ID: A8D4BC3CA836398F1B747DAF459CDF7A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Frame ID: 9AC18479972050DD1AC251098FA6D595
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86E0E41D02ED18C80E2DC2DB61C43F0C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D5D644EA4932C2F893D00B3D28A404D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45D68832E4FC474EE16CA969C7062373
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 039EF5D5EB070B3DB6A847455DF9B926
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2986.js
Frame ID: 3DF8C6D316926E677077E1C95C53DA0E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2986.js
Frame ID: 95A1589E56F8E1A5CF53C9E29AB902EB
Requests: 3 HTTP requests in this frame

Frame: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7B892F123898859F5C38098988B81DA4
Requests: 1 HTTP requests in this frame

Frame: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E0756022587F5B0225E6B003AAB7482
Requests: 16 HTTP requests in this frame

Frame: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 49A38F727D882B78B0718CE10C45EBA0
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: C9766035A139BAFA572CC85E9C8FD298
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXqvW_xcuLkIJT_Y4T05h7mm19N6mbcgEeNaZNTlBvxZet0fDGxzojfNJBaHVDo8nDgSEIXaeTBF6xeNaQhXEqRVKjA8A
Frame ID: 250468D6EC42580BEFA6C4E0CD9FC3E1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW3uLoT-UHRU3p5gj5W4nSFvvwxATWWmhWG7rsvToDf1XbGtSayI_VXJANIQfobDT9qahN0G0qG-XX_4WJSoicxvrdGKw
Frame ID: 855B4F7E5A1C6C8EA2A08F08EE19E72C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F98F7A611061AA980D4496C44481750
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DB80BEBC7C4F4345991C0848789986A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C57FB1634325489E0577E273C7B058F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FE1D2B0394544CE83C31F8F189BCFC6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Frame ID: A099F8E1C9FEF2BE098E3FBC697D72BF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
Frame ID: 1D64B68FDBD13620D7D9EEF9FAFDC5B2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCE00BD2F2E70F5C7630651AFA2AC095
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 371A3485641792F46A79C586161154E7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB90F5660DAE202008E838E0CB4F432B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0488CC58D52A52E285A8A84F234315B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 241ABB30C363CAFCBC1580F58E04E4C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4ECE92A3AFD158F01491D5DA6A3C81BE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3503115A58E27E09D78889082C5E39A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C8EF2F9EDEB86C53013962CD3FD818C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A726ACB9276193557703840B7845BBF1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: D8ECE68F86ABA7E8897768B7802B955C
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: FB83A01159A7F1B17FB0A0FAD4D6824C
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 99659EC1C216167490252F1690DC92C4
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EB565A63681CD2B40FF7750CCDB1CC89
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661721559792
Frame ID: CBF521F97596E26FEC74DC9764AC4264
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CB765D39BA73ED85A0A8208B9CE50686
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C869BD7F202EA3414ED9AD2DAEB12989
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BAA7FEA1F6B3AAF7E59C78DC6A6B0A33
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 3696F32F50DC713A0E43406362D5C095
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=rkt&refUrl=&vid=17215656183047231651531946000V10&ovsid=1972084067056602999
Frame ID: C12CD25D2BD81D0E5BD5C3C0A144F5BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Frame ID: 78C4F55DB351E3E660BF572D9F2A7657
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: BAD0D430F2D60FFBC905F53FA3F41DBC
Requests: 5 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9B6F96E9B55D807DB43343E138E67B6F
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7D859FB78BC485C56BDD10D57F8A772A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 63FF75ACD001F7F6E162F3FD969314A6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 41855C87702DDAB448B9B10D584EFF48
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E16E74848ED0224D06816100D0856B07
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Frame ID: 7BF605DF75C8017695C69C5C570568E8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Ywvb3wAJ1ZmpyAAK&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
Frame ID: 6F1123524CE33C7CB1186696B6881A87
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MTBlNTc1OS02MjRkLTRjMzktODQwOC05ZWY1OTE2ZDBmZTA=&gdpr=0&gdpr_consent=
Frame ID: 4D3381E71E33484C873D8AE8EF38B980
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 534DC481FF4EADCF81DE9FEBD21055D2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=6e62aa03-1100-4557-a9b0-7c8160baab44
Frame ID: 03593B744D05D88AB86C0228A9EB67C4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: EFC62C44B6F146922FA2E9E4B3BED2BF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Ywvb3sCo8YMAALh8bYIAAAAA
Frame ID: 42E8F08484FFEEF43567DED17309B6D9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Ywvb2fifO9Odw.d0VttCDwAA%26862
Frame ID: 10494D74970845D2A08E19AE776DE1F7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=DgIEBdIPGLXZXQUL9gIE&pi=gumgum&tc=1
Frame ID: 7B8A1565DBDCD1B06B379DD34323D329
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2A383B76CE87F2BBFC04BF64BF92DF4D
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Frame ID: 2BEC537402AFEBC439BE3EC2E1BC335B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Frame ID: 1C5B65F3B82E0D142CA17C90B32D325C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ywvb3wADGacWZABN&gdpr=0&gdpr_consent=&_test=Ywvb3wADGacWZABN
Frame ID: 26AA1BE5B6DD018A0BD85417947C9951
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wumor5sk1xl
Frame ID: FA2521200294F1B1510E7679A03BCC39
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 603A8CF3658BFF19C19B03E51B5D6D61
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 80F946F6F2D10FB7DC5DDD0283C409CD
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Frame ID: 6C3B483F1FF629A8A27FDB70EB9BCACB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=aac1720807414abc910ece0cfdfee7ad
Frame ID: CCDBE7D0373FCEE398B06E6F60616619
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr3JOiBj1OspGK5&gdpr=0&gdpr_consent=
Frame ID: C7A3EBB59F594495A0E6E5E8825E977B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=IbFZEJ9cBFKSDhH239sLYw
Frame ID: 03F1B52F3F889CFB03A686B911631103
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Frame ID: 0817BE2A1B691B0A5507153A84F98219
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=186419c4-2717-11ed-81cb-cf971f131576
Frame ID: AC446B6CCA858B15EB91DF4028A65F3C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d1d7729d-16e1-4e2a-8cfb-37937b965e69-tucta05615f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 92CE4B87584801B32CE2E0E9EB85613B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 8E2CC074E2098BC1D250080B043ED34C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 9B868275C5A0D218105187A21A1AD931
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 75E889B47FDC634BAAB360954CA2B2CA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A525014C8F6FF98D36B49605A4A4E39B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=pba&refUrl=&vid=17215656183047231651531946000V10&ovsid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Frame ID: 969D4DA82168E0A205F820BB2743AC1A
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Frame ID: F12AE295E266C72B8C704FA6BCE8708B
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Frame ID: 07C27CE62B83C81DDA8034D4127E0638
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

陸配篇-臺人愛拜拜走春 像放長假 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

512
Requests

73 %
HTTPS

0 %
IPv6

107
Domains

165
Subdomains

98
IPs

9
Countries

3995 kB
Transfer

11268 kB
Size

99
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721557239&bpp=14&bdt=1457&idt=509&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=7121588321552&frm=23&ife=1&pv=2&ga_vid=1153781641.1661721558&ga_sid=1661721558&ga_hid=1005037345&ga_fc=0&ga_cid=amp-7CyGMWah7TnXWr9O9EIxJQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=1789568956&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068921&oid=2&pvsid=3438147721141787&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8nde9ymvw9wq&btvi=1&fsb=1&dtd=526 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721557257&bpp=11&bdt=1491&idt=583&shv=r20220822&mjsv=m202208230101&ptt=5&saldr=sa&correlator=7121588321552&frm=23&ife=1&pv=1&ga_vid=1616707180.1661721558&ga_sid=1661721558&ga_hid=1096349236&ga_fc=0&ga_cid=amp-7CyGMWah7TnXWr9O9EIxJQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3453126527&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069151%2C44769175&oid=2&pvsid=300050850714559&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2gctonz5lgze&fsb=1&dtd=598 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1&C=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywvb2PA2IabfVgpZrBwbvAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVUmf2TA2OJF6klorr_E1E&google_cver=1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjk2NDIwMDE4MDE2ODAxMw%3D%3D
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
Request Chain 151
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZhMjQ2MzEtNzE0NC0yMmY4LWQwOWItNWY2YzFmZjAzY2Vl
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPOoAzzWZEVD2IFRBZYo9_s&google_cver=1
Request Chain 153
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmU1YjlkMWUtM2RhMC00Mjk3LTgyY2ItNDI2MDFiZjVkOGU1
Request Chain 179
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_cver=1&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIwwszEDGoOAiu2KwVAXVjr9L6Kh2rpM5jhYuWwZb2iiCIuNWg HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1603c0833113204e&is_secure=true&networkId=14000&version=1&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_cver=1&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIwwszEDGoOAiu2KwVAXVjr9L6Kh2rpM5jhYuWwZb2iiCIuNWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALfryHZfyRaAMmprxtAAAAAAA&expiration=1661807962&google_cver=1&is_secure=true&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIwwszEDGoOAiu2KwVAXVjr9L6Kh2rpM5jhYuWwZb2iiCIuNWg
Request Chain 180
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 181
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLziiOUmUpsna2o5-2oTPr2D3Wg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLziiOUmUpsna2o5-2oTPr2D3Wg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLziiOUmUpsna2o5-2oTPr2D3Wg
Request Chain 182
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAHMQv80sV6vpVETvGKUZowri_FsHrXquj3JXtAhN8cpCkj92upyXUbwdPUA5Xk75hYw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAHMQv80sV6vpVETvGKUZowri_FsHrXquj3JXtAhN8cpCkj92upyXUbwdPUA5Xk75hYw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAHMQv80sV6vpVETvGKUZowri_FsHrXquj3JXtAhN8cpCkj92upyXUbwdPUA5Xk75hYw
Request Chain 183
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKxvWiUqxXaCTkO8H3F-kTQ&google_cver=1&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2OPr7iDNbmsZoci1tE7cpZboyTXnzmgnkHHZgK5r11G15TRiXKFYOflg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=55d788a4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2OPr7iDNbmsZoci1tE7cpZboyTXnzmgnkHHZgK5r11G15TRiXKFYOflg
Request Chain 185
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEI6CoX7hA8kv1mqCIjCHQA8&google_cver=1&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4otKJaRlb-3xMNHWIBU HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEI6CoX7hA8kv1mqCIjCHQA8&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4otKJaRlb-3xMNHWIBU&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4otKJaRlb-3xMNHWIBU&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 188
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO2XN-dt9DABAXI9IBqlTqQ&google_cver=1&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWHGq6HtARUx6kgZObUd2anBHidkwS8SfEOqgyXAqC6XDqddHcCROgh5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWHGq6HtARUx6kgZObUd2anBHidkwS8SfEOqgyXAqC6XDqddHcCROgh5A
Request Chain 189
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEIyRRCqLNao2dFqiYIvYIxE&google_cver=1&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXryyHxDsn6q8kULz416DSfXt4XByeY5-au4NBOuVeWEx5F6qg2Ydy1x7ix2YFXhK4rMjtP1MQt_Qo9v4hg HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEIyRRCqLNao2dFqiYIvYIxE&google_cver=1&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXryyHxDsn6q8kULz416DSfXt4XByeY5-au4NBOuVeWEx5F6qg2Ydy1x7ix2YFXhK4rMjtP1MQt_Qo9v4hg&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXryyHxDsn6q8kULz416DSfXt4XByeY5-au4NBOuVeWEx5F6qg2Ydy1x7ix2YFXhK4rMjtP1MQt_Qo9v4hg&google_hm=NnJMaWN1UFpvSnM=&suid-set=1 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Request Chain 190
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKYPpNhohYWrqPAzeMVWJIE&google_cver=1&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJxEd_pGTTGN1nlrDzQDfVGQ2I2bEPR11-2YvtqeyAW3P1fzzEowRTR2fEyY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=vYFjBwSSSQ101uaKom6VpmfR_hc&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJxEd_pGTTGN1nlrDzQDfVGQ2I2bEPR11-2YvtqeyAW3P1fzzEowRTR2fEyY
Request Chain 191
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8iyv8SLWeJQcm7V93MavPP5oNG2YoY-2O8YoDQKLjX0DGWviYZUqh1fkJqIGjSWaEZarCyHOefjKrW3KLcrNZTuF-9mImiDtoGJeVLiSPas HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8iyv8SLWeJQcm7V93MavPP5oNG2YoY-2O8YoDQKLjX0DGWviYZUqh1fkJqIGjSWaEZarCyHOefjKrW3KLcrNZTuF-9mImiDtoGJeVLiSPas&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8iyv8SLWeJQcm7V93MavPP5oNG2YoY-2O8YoDQKLjX0DGWviYZUqh1fkJqIGjSWaEZarCyHOefjKrW3KLcrNZTuF-9mImiDtoGJeVLiSPas
Request Chain 192
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELmLXQ3SV-_wDxuMRrp_ToI&google_cver=1&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO8FL7oXjIlgLNJ_O8-Cb-iWizLi1R4NPxapjsEZkAPEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO8FL7oXjIlgLNJ_O8-Cb-iWizLi1R4NPxapjsEZkAPEA&google_hm=ZzNjNWI5ZGVjNDY1NTI5OTI4Njg=
Request Chain 244
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESECv4W3jOQyxBQjKB_Shw-to&google_cver=1
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1&__user_check__=1&sync_id=16de8912-2717-11ed-85ca-195d36af0507
Request Chain 247
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=16d62fc3-2717-11ed-b728-16511c4d0107 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTZkNjJmOGItMjcxNy0xMWVkLWI3MjgtMTY1MTFjNGQwMTA3
Request Chain 248
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uZTVPWG90RTJ1RkdpX184dWdyem1aZDNvbi5mRTNIbn5B
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGqDHjOuzNjlvNNtZ7iVa-c&google_cver=1
Request Chain 250
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjE0YmNjYjZjMGJmYWVjZDQwNzI0ZjVjOTNlM2UyNWQ=&gdpr=0&gdpr_consent=
Request Chain 263
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1&google_push=AehlK4CrKAcUyB25SuHr6VNuLGgqU3vjAnmsmjerPf_JDMfIRoZ_7WDuVm_63BZ2hhBPup1LPyfjuNPSBug9ALc6wL9zcXN9FOwGPBdkYWqXUhcVKRKmc5h2JfN8Yws-j8FjIl9kh8AQLFsY3QkUMK4Kfgc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM2OTE1NTYzNDQ5ODc3MDY5Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
Request Chain 265
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4ARA3FLHGA8xm89cYvWQVKMPd_-rUOo22RioiVH0q1b52yPrymosWkVz8mmTtkGOJiWy8bVoNsPdJTAUTranSqkAQFPbba0nNxvYUGxeB79OrazBkgAzdF7uKNmCbvVYshiKu-N-dN96fpCyVJciRQ HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4ARA3FLHGA8xm89cYvWQVKMPd_-rUOo22RioiVH0q1b52yPrymosWkVz8mmTtkGOJiWy8bVoNsPdJTAUTranSqkAQFPbba0nNxvYUGxeB79OrazBkgAzdF7uKNmCbvVYshiKu-N-dN96fpCyVJciRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGcUB1UFnDPzI0MAI0MfG4&google_cver=1&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGcUB1UFnDPzI0MAI0MfG4&google_cver=1&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f114f8fa-a65c-4aa6-ad4c-32818ddf1088 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f114f8fa-a65c-4aa6-ad4c-32818ddf1088 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=bd13a21d-2815-47ce-b65b-009cb57a9626&user_group=1&ssp=google&bsw_param=f114f8fa-a65c-4aa6-ad4c-32818ddf1088 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64&google_hm=8RT4-qZcSqatTDKBjd8QiA==
Request Chain 267
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELB_9UqT2cKxANXF4cQEA9E&google_cver=1&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_hQSZTD3HFxbWusVwXz5OuiAZP3sJTcqrmvMx1d81Q2lS4X19hUxljoWrU494 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_hQSZTD3HFxbWusVwXz5OuiAZP3sJTcqrmvMx1d81Q2lS4X19hUxljoWrU494&google_hm=NzQ2NjAwMTIyNzI1MjY4NTEwOA%3D%3D
Request Chain 268
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh0Vp4eRu5Tj9SWL2CwH3ruwNnmYzwKFLw-kyEJ1nmviCruiDFVcXW_LtKt-n-A38mjx7ONE-fa34Fk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh0Vp4eRu5Tj9SWL2CwH3ruwNnmYzwKFLw-kyEJ1nmviCruiDFVcXW_LtKt-n-A38mjx7ONE-fa34Fk
Request Chain 269
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKRP2Xpbi3e3yOe-5hJfkIE&google_cver=1&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0yTf9S5hi5oEDXKr0wUSn4HvrofRE2mquPXxA65k86A7AoJ5uBmk5eb70bOZXhxkfERl1sUM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0yTf9S5hi5oEDXKr0wUSn4HvrofRE2mquPXxA65k86A7AoJ5uBmk5eb70bOZXhxkfERl1sUM&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Request Chain 272
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1&google_push=AehlK4CyxVZm_3AdLQDeymLMaukh7oevdM6Klv3Sn3bq20Uz2H1L0caEM4NTwVkQoVQsOkAmqJ16M1fOmmBHOleTriaCncgUN3Fh-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI5NzA5ODA0MDQ2MDg0Mjc1Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
Request Chain 274
  • https://um.simpli.fi/gp_match?google_gid=CAESEAV-1GgY-8k_33neJM0tVVU&google_cver=1&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDbUw2edad6rBV0kNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44CD1B8CE5F8492FB0A28F9ECD8170E7&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDbUw2edad6rBV0kNQ
Request Chain 275
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4CKxlGFqkYQysss9y30ypkhylEZp6UukQr9e1AbhMw05_s-ixxzBmheLM0c6-fzQL2PqYjJO-Q_eJlCjjL0QY16K_a61n11Qg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4CKxlGFqkYQysss9y30ypkhylEZp6UukQr9e1AbhMw05_s-ixxzBmheLM0c6-fzQL2PqYjJO-Q_eJlCjjL0QY16K_a61n11Qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELB_9UqT2cKxANXF4cQEA9E&google_cver=1&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrpUgehsTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrpUgehsTA&google_hm=MzQxOTQxMzc2NTc0Njk4NDA0MA%3D%3D
Request Chain 277
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMcBRbQlVuHWokJlEFx3EVWpT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMcBRbQlVuHWokJlEFx3EVWpT
Request Chain 278
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKRP2Xpbi3e3yOe-5hJfkIE&google_cver=1&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxNt2KC82NzzLczRpl3A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxNt2KC82NzzLczRpl3A&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Request Chain 343
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 349
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 350
  • https://match.adsrvr.org/track/cmf/openx?oxid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e62aa03-1100-4557-a9b0-7c8160baab44&ttd_puid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0&gdpr_consent=
Request Chain 351
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Ywvb3cCo8YMAALh8bV8AAAAA
Request Chain 352
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYwMgQAJ_KB0ks8ADsWuDgxPnc8AAAGC5lLctw
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
Request Chain 361
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=6e62aa03-1100-4557-a9b0-7c8160baab44&dongle=0cfd
Request Chain 362
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMDqGdTwe6vPvJST5ZeBHcY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 364
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D
Request Chain 365
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4153270219694117627029&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4153270219694117627029&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1&_expected_cookie=00927e8535f8c4f45a8088709c0b6201
Request Chain 366
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4153270219694117627029&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a1cd311a-9479-45b8-8de4-b816fbc2c133&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 368
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4153270219694117627029?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-JuZYFUZE2oTz2hcaT8VVHg15iPcd8a2qXCw30KkM.w--~A&dongle=0883
Request Chain 369
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4153270219694117627029 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4153270219694117627029&dcc=t
Request Chain 370
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBIEC32JONBWO3SVNBRU4OKHGM4HG5TZ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBIEC32JONBWO3SVNBRU4OKHGM4HG5TZ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xPAoIsCgnUhcN9G38svy
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 373
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Drkt%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=rkt&refUrl=&vid=17215656183047231651531946000V10&ovsid=1972084067056602999
Request Chain 375
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dapx%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=apx&refUrl=&vid=17215656183047231651531946000V10&ovsid=3612964200180168013
Request Chain 376
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dopx%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=opx&refUrl=&vid=17215656183047231651531946000V10&ovsid=2be1fc64-1333-46bc-a634-7bbb67fd6052
Request Chain 377
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dr1%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dr1%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%5BRX_UUID%5D&cb=1661721566716 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8243816866 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NzIzMTY1MTUzMTk0NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKgiKj8ayvo_mjAFpsg5utE&google_cver=1
Request Chain 379
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Ddxu%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Ddxu%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=dxu&refUrl=&vid=17215656183047231651531946000V10&ovsid=Pr3JOiBj1OspGK5
Request Chain 380
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0069af59-2f00-44bb-bc06-080891483741
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Df114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460&expires=30&ssp=medianet&bsw_param=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 382
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dzem%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLYKBAW6SLTINTW4VLIMNHDSRZTHBZXM6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTOMRRGU3DKNRRHAZTANBXGIZTCNRVGE2TGMJZGQ3DAMBQKYYTAJTWONUWIPJTGA2DOMRTGE3DKMJVGMYTSNBWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLYKBAW6SLTINTW4VLIMNHDSRZTHBZXM6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTOMRRGU3DKNRRHAZTANBXGIZTCNRVGE2TGMJZGQ3DAMBQKYYTAJTWONUWIPJTGA2DOMRTGE3DKMJVGMYTSNBWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=xPAoIsCgnUhcN9G38svy&refUrl=&type=zem&vid=17215656183047231651531946000V10&vsid=3047231651531946000V10
Request Chain 383
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3047231651531946000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3047231651531946000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=e8569581-5318-4780-946c-2d4219110e28&cs=1
Request Chain 385
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 386
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7DU41EK-1I-GX9S&sigv=1&esig=2~c4d20b1ec7182b8747215cf34221cc0b2d30a587
Request Chain 387
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nBzg17TKQHa5i1ub8rzn4Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nBzg17TKQHa5i1ub8rzn4Q
Request Chain 388
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ItXldLEKbRdJh5UjVZWU_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3419413765746984040
Request Chain 389
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e62aa03-1100-4557-a9b0-7c8160baab44&gdpr=0&gdpr_consent=&expires=30
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIYrZ1Ohp7LVcNya4OVaqO8&google_cver=1
Request Chain 391
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zGvJMriARI2RtgM1RblDFw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zGvJMriARI2RtgM1RblDFw
Request Chain 392
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdEVTQxRUstMUktR1g5Uw==
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE1NmZkZGE4OWU4NGFmN2M5NGYzZTg5Njc0YmI3NzBmZmZiYTQyOA
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1
Request Chain 396
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Request Chain 397
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e62aa03-1100-4557-a9b0-7c8160baab44&expiration=1664313565&gdpr=0&gdpr_consent=
Request Chain 399
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63c69843-30ba-4deb-bd91-84f0af7ed1c2
Request Chain 400
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=186419c4-2717-11ed-81cb-cf971f131576
Request Chain 401
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKsKE7GF7gAAA6mr2G1sQ&expiration=1662931167
Request Chain 402
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=eef0d3f2-0416-40f0-9dc1-f143305712f3
Request Chain 409
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 410
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7DU41EK-1I-GX9S&gdpr=0&us_privacy=1YN-
Request Chain 411
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3612964200180168013
Request Chain 412
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FOS_DRZHV9dqWrtqShi1abO6
Request Chain 413
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FOS_DLZHM4q9jnWASeyi_Dzw
Request Chain 414
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2ZkOGUyZjUtMzY3MC00ZWQwLWIzMzYtMGNmM2IwM2ZhODk3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yOFQyMToxOToyNi45NTA1MThaIn0=
Request Chain 415
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661721566715 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8248891708 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Request Chain 416
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1921700045503418964
Request Chain 417
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=7fd949bf-675e-4dde-95b0-2bdab49806f3
Request Chain 418
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F473%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dc020465a-5a4e-4adb-a4ac-6bead996d320%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 419
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
Request Chain 420
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hYjljNTYyNS05MmNhLTNjMDEtYThhNy0zNWE5MGJiZDUxZTcqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYWI5YzU2MjUtOTJjYS0zYzAxLWE4YTctMzVhOTBiYmQ1MWU3MgIGEjgB%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%3D%3D&uid=3612964200180168013 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/1/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ==&uid=FOS_DRZHV9dqWrtqShi1abO6 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%3D%3D&uid=Ywvb2fifO9Odw.d0VttCDwAA%26862 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 421
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
Request Chain 422
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3612964200180168013
Request Chain 423
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460
Request Chain 424
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3369155634498770692
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
Request Chain 426
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAg8E7GF7gAAA8KvkJmxw&expiration=1662931167
Request Chain 427
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=44CD1B8CE5F8492FB0A28F9ECD8170E7
Request Chain 428
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Request Chain 435
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=DTxuxCwAw4iZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 436
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAg8U7GF7gAAA8KvkJmxw&gdpr=0
Request Chain 437
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=d1el1iUG8YxsVfPSdwC4jHRco4VsBfHWJVXl2pP_
Request Chain 438
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCN-3r5gGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Request Chain 439
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7DU41EK-1I-GX9S HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7DU41EK-1I-GX9S
Request Chain 440
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L7DU41EK-1I-GX9S HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L7DU41EK-1I-GX9S
Request Chain 441
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3612964200180168013
Request Chain 442
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_610e5759-624d-4c39-8408-9ef5916d0fe0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1a130944-7064-46ff-ad28-4a4d716baf58&ssp=gumgum2&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980564319547&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804257005052207&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980564319547&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
Request Chain 443
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28xorzk6B3lHFuTMjZMwZw5TEBmXWyEI9K0uVLZcFHlNxT54_03950f5JHXGgD8X_L%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28xorzk6B3lHFuTMjZMwZw5TEBmXWyEI9K0uVLZcFHlNxT54_03950f5JHXGgD8X_L%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_610e5759-624d-4c39-8408-9ef5916d0fe0&obuid=ENC(xorzk6B3lHFuTMjZMwZw5TEBmXWyEI9K0uVLZcFHlNxT54_03950f5JHXGgD8X_L) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 444
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=14f0318b-9026-440a-a200-15381d42f3c8
Request Chain 445
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bd816307-0492-490d-74d6-e68aa26e95a6$ip$103.209.254.23
Request Chain 446
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JhD7RNFE2pf0I9laIvpqaPxIVabllvSVmIRV~A
Request Chain 447
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a346ca98-1097-4cf9-85bd-0b31f9131484
Request Chain 450
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_610e5759-624d-4c39-8408-9ef5916d0fe0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26CQIFXUS42DM5XFK2DDJY4UOMZYON3HSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26CQIFXUS42DM5XFK2DDJY4UOMZYON3HSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=xPAoIsCgnUhcN9G38svy&us_privacy=1---
Request Chain 451
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=189553ca-d53d-49b6-a12c-9f8ff48b699e
Request Chain 452
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661721566814 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8261123244 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Request Chain 453
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Xu9LgtoR4mMk&ev=1&pid=558355
Request Chain 454
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6836486443982208980
Request Chain 456
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Request Chain 457
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Ywvb3wAJ1ZmpyAAK&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
Request Chain 460
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 462
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Ywvb3sCo8YMAALh8bYIAAAAA
Request Chain 463
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Ywvb2fifO9Odw.d0VttCDwAA%26862
Request Chain 464
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=DgIEBdIPGLXZXQUL9gIE&pi=gumgum&tc=1
Request Chain 465
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 473
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Request Chain 474
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Ywvb3wADGacWZABN HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ywvb3wADGacWZABN&gdpr=0&gdpr_consent=&_test=Ywvb3wADGacWZABN
Request Chain 475
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wumor5sk1xl
Request Chain 477
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 479
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=aac1720807414abc910ece0cfdfee7ad
Request Chain 480
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr3JOiBj1OspGK5&gdpr=0&gdpr_consent=
Request Chain 481
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=IbFZEJ9cBFKSDhH239sLYw
Request Chain 482
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2469040282 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Request Chain 483
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=186419c4-2717-11ed-81cb-cf971f131576
Request Chain 484
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d1d7729d-16e1-4e2a-8cfb-37937b965e69-tucta05615f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 485
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 490
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LZC1oOHmSGe08dGgGBXVAQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 491
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDJEOTBCNUEwLUUxRTYtNDg2Ny1CNEYxLUQxQTAxODE1RDUwMRAAGg0I37evmAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=616937d12674ba6086d10bf1f2f0ad446a85742918fc897c068e9d83026897ef791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2MTY5MzdkMTI2NzRiYTYwODZkMTBiZjFmMmYwYWQ0NDZhODU3NDI5MThmYzg5N2MwNjhlOWQ4MzAyNjg5N2VmNzkxNDI2YjU0MTdkY2UyMRAAGgwI4LevmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2MTY5MzdkMTI2NzRiYTYwODZkMTBiZjFmMmYwYWQ0NDZhODU3NDI5MThmYzg5N2MwNjhlOWQ4MzAyNjg5N2VmNzkxNDI2YjU0MTdkY2UyMRAAGgwI4LevmAYSBAgCEABCAEoA&google_gid=CAESEDLvL5V4F_KpiQzArsbTSMc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ed277fbe-5e4a-4a99-9d1e-ee4a705c1d38
Request Chain 492
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=84fa630b-dbd9-4d00-b5d5-397227d1a460
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ5MEI1QTAtRTFFNi00ODY3LUI0RjEtRDFBMDE4MTVENTAx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISttK5Zj2MYgIlvvMurd8o&google_cver=1
Request Chain 495
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:44CD1B8CE5F8492FB0A28F9ECD8170E7
Request Chain 497
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e62aa03-1100-4557-a9b0-7c8160baab44
Request Chain 498
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wOuDEpK610jb6dUWwLyeSMPghUHbudcSkunPslhL
Request Chain 499
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BUYzQPdE2uXavJhzjh_Ymgd_pOk3j5M-~A&gdpr=0&gdpr_consent=
Request Chain 500
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1a130944-7064-46ff-ad28-4a4d716baf58&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980564319547&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207540804257005052388&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980564319547&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 501
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3612964200180168013&gdpr=0&gdpr_consent=
Request Chain 502
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8900026220164566207
Request Chain 503
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 504
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3612964200180168013
Request Chain 505
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=43a752b64b3f2261&is_secure=true&networkId=17100&version=1&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNsRav5vpMwND4N8xAAAAAAA&expiration=1661807967&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 508
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L7DU41EK-1I-GX9S HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L7DU41EK-1I-GX9S
Request Chain 515
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2D90B5A0-E1E6-4867-B4F1-D1A01815D501 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1a130944-7064-46ff-ad28-4a4d716baf58%252C&gdpr=0&gdpr_consent=

512 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
www.bg3.co/a/ 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b681a6ea36b6f48b933abac49e4179b99d27432e077a71f2490ec03bfce50a77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Aug 2022 21:19:14 GMT
ETag
"cc0d-voyYEaJuc1P27kLoxdAmaJdU7QE"
Expires
Sun, 28 Aug 2022 22:19:14 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72591
x-xss-protection
0
server
sffe
date
Sun, 28 Aug 2022 21:19:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d68ac0b6f7bd5a0e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Aug 2022 21:19:15 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5c6e81664d4eceb22dec97dcfdf650d9043fe61c43c6a0bcfb8cb545a3bb6317
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9674
x-xss-protection
0
server
sffe
date
Sun, 28 Aug 2022 21:19:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c8d982af404eb30c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Aug 2022 21:19:15 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d1555f710e3e03e1b2a96c77e01a8d363d3d2617884e6a42f2dd7211c1b4dc07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7577
x-xss-protection
0
server
sffe
date
Sun, 28 Aug 2022 21:19:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ba4554cc3d824f7e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Aug 2022 21:19:15 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
cbcdb4c75801db2fc6e6686038fd68c3512f262c3e256ef1df50978975a699e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32017
x-xss-protection
0
server
sffe
date
Sun, 28 Aug 2022 21:19:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"c18a359d5e98957d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Aug 2022 21:19:15 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpZj7Kq9rQsyGwWi%2B%2FhElGiguwvD7oqpQJpynDd0HDWPkliTK6Yb9iv%2F1XC8dqWREAmto8VMWB5jsLimq%2BBmpCml3rGgeUJfrTK9Rs9SYYT4OzyF4L9bSQbGjcB8k8vF5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7420158a5ea03774-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
br
last-modified
Sun, 28 Aug 2022 07:00:18 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
9527
expires
Sun, 28 Aug 2022 22:19:16 GMT
adpushup.js
cdn.adpushup.com/42753/ 		514 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 02:59:53 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
120977
expires
Sun, 28 Aug 2022 22:19:16 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3987
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMbWeE4N8aP3hOpcUTf6a%2BYSz%2Fhe%2FpzJepSq7ZJJaD3fB0XP%2FJLNAsz9rC2od1P27etlHEFKL8jiyUHOnBO244EPQ1%2Fuf9UMP9urtA%2B%2B%2B5BNrp3CZVryCldSqXXVNn9b9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7420158bc8283774-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
8f87f61acb42d66fd796022d01078051089ba84090cdcdef8394099e2749c35f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:16 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
8f87f61acb42d66fd796022d01078051089ba84090cdcdef8394099e2749c35f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:16 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.31686507351976045&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:16 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.5447581129105237&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:16 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
88550fca73ee0fcc16db3891c60149b3.jpg
static.bg3.co/imgs/202107/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/88550fca73ee0fcc16db3891c60149b3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c037c88e7067307dd090bcd71acd5e8da13006e7a2af8eaa01654c1cb54de9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Thu, 15 Jul 2021 03:28:13 GMT
server
cloudflare
etag
"88550FCA73EE0FCC16DB3891C60149B3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpsQ5eIuX83uB2NiFB323JAcbJ6nGF66l2dizEKZMWxgyrnNzn8kyMAwM%2BnQZHLEyPkMi959lGSoMrW%2FN5xPdvbToToGHY1B3pzXaSs8tEgmfVFjl5X5KAshMS9nN4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aeb17cc-MEL
content-length
81245
expires
Sun, 04 Sep 2022 21:19:16 GMT
6ce488420caada397d41a79dace8bfb4.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6ce488420caada397d41a79dace8bfb4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1291438ee9166d9d7254827f8fdae6554411feda8025cf2d2abbed5315c18fdc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 23:01:59 GMT
server
cloudflare
etag
"6CE488420CAADA397D41A79DACE8BFB4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q0sLIKVjytcuGLeSa6o0Uk59W%2BQbSOVoBOKJ0tefXNi50qLxryIUmcZZ9nveJ%2B415rL0e4yQ9QLM7KDBWfppyfGwQYwINNx6hRc1HgfuL%2BKjYD7mBTswtYbwzvTK1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aec17cc-MEL
content-length
10070
expires
Sun, 04 Sep 2022 21:19:16 GMT
b1081a7bc4ec41462accbdb63ff81da8.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b1081a7bc4ec41462accbdb63ff81da8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7849fb8f270fb2aa552964f91861bb8074315681567af89fdb76b45dd0df3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 17:16:28 GMT
server
cloudflare
etag
"B1081A7BC4EC41462ACCBDB63FF81DA8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spZPPgfBFctY%2FNmWZzsKAJT9%2BoBlOW84lo2lWNWYcgBDuDlODVW%2BWhLq26nD%2FRnBfczXaXH5XNP3KfpgKXGkmGdauqT13z5bxjyC%2FLnZP2ebzcC2FvC3Niqf7eNd9bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aed17cc-MEL
content-length
3878
expires
Sun, 04 Sep 2022 21:19:16 GMT
170b76ccdc679949bcdd356b71d1ab42.jpg
static.bg3.co/imgs/202105/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/170b76ccdc679949bcdd356b71d1ab42.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3392a6ecf1271f7cba01119876184bacccc18766eb46b6c96cadf9837a5977e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 02:59:21 GMT
server
cloudflare
etag
"170B76CCDC679949BCDD356B71D1AB42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AYlieMk%2F4d%2BtXP86da0ui0aZVguM6agUr37yNN%2Fz3%2BS6tk8y5nZIEAbruZJ2DMbCMwnUBe1pD8Sz8EQ7VRyj%2BPG5T98JDIBEY1cbCMjkYqTcMZomnbXBEA%2B6z%2FmZFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aee17cc-MEL
content-length
11941
expires
Sun, 04 Sep 2022 21:19:16 GMT
eb7576c82e04a49c82eba1b04cfd27b0.jpg
static.bg3.co/imgs/202202/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/eb7576c82e04a49c82eba1b04cfd27b0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d4c0f954d12e3f48a2aec627e29b4d077b05442730c783f37a642dfb1849cf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Feb 2022 11:12:18 GMT
server
cloudflare
etag
"EB7576C82E04A49C82EBA1B04CFD27B0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXyFyR0XWHT8ciYAwC8iQclrj5eEIHFTtBi60%2FgXkCQ7dwGyPzaUgdbYULLtaGg5g15UKU%2Ftmj833f1grU9NLR55X9qVNUD2rfo45c7TGcKy6tOcKexKPg8KHmwJo2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6af017cc-MEL
content-length
13085
expires
Sun, 04 Sep 2022 21:19:16 GMT
11eafd7d0fc1ff3130301b14855a0849.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/11eafd7d0fc1ff3130301b14855a0849.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815ff5873860156c9bc36d61bbca9442a9a7fac954f99bbca0815ce137408362

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 19:19:52 GMT
server
cloudflare
etag
"11EAFD7D0FC1FF3130301B14855A0849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ1JxSgQSwEmjQoWW9j2I2vFLPfXMnXgFq3GHqgKMGwnz0E2RJNIaeNEdJzO903qr2lpdZWei0z80dGS%2BW0%2BmbW5C17wiNfGQX2fw39zISBXmV%2FshTvce%2Bm%2FqyD0%2FYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aef17cc-MEL
content-length
7522
expires
Sun, 04 Sep 2022 21:19:16 GMT
38cdc8f41d15e87fdcddb0306cdab2f4.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/38cdc8f41d15e87fdcddb0306cdab2f4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9072e23185fc321b7686ab6eef3ec49d6cbc088102bd320050c886a1160688c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 09:28:54 GMT
server
cloudflare
etag
"38CDC8F41D15E87FDCDDB0306CDAB2F4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95PCpFNxmsjPEI3Br%2BVkpBz2vWMNIeg4urItUo%2BWX9E3vTq6cLTqi%2Fkvo4T3Z9OS1RUDGCUXFq3Hs30DgrZxToPFAzc1ENLJRasJMgKZfN%2FFLtpFEDR07Aj98uR1Izg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6aea17cc-MEL
content-length
8085
expires
Sun, 04 Sep 2022 21:19:16 GMT
556781645315c9cd61096d41700b88fd.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/556781645315c9cd61096d41700b88fd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b86c2e52c7823c24186ad10b90e606014e5224f138f5f01a644c89548a188d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:41:49 GMT
server
cloudflare
etag
"556781645315C9CD61096D41700B88FD"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAgreqvKW6Ky0FbIdzZSVoU%2FH3GwuF5OQXDKFUujBoD1YJcYjwlZMVMgdk1qB9KnKeyeMhR7Xq3gnxTyWaOkC%2FwgkDsUnbCuzYuvDgyBUWf9TkY8Rd%2Bfrcwc%2BqEgBaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158d6ae917cc-MEL
content-length
4048
expires
Sun, 04 Sep 2022 21:19:16 GMT
d3cf4bea5cb6ec21f97ad1183c095591.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d3cf4bea5cb6ec21f97ad1183c095591.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa2161c14f3c7ce96e241c5c94b2aface7d798d74652d1d95dae7f8225dce6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 23:56:13 GMT
server
cloudflare
etag
"D3CF4BEA5CB6EC21F97AD1183C095591"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39NBrkMsgeiHPvqAvptM2c66HFa18vONBLK6YVoGkQtIDisli%2B3k96N43Q%2FbAlkVGLdueBp5ZXuWLG%2BE%2FdKxSG%2BH8Ex%2BZvz%2FxfG%2Bw2Nx2f0gf%2FUTYDrUNnUQ5vKLsOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2b9c17cc-MEL
content-length
9893
expires
Sun, 04 Sep 2022 21:19:16 GMT
55495760176b30e1809d6068d185f004.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/55495760176b30e1809d6068d185f004.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
136afffe89161266192c90c57591e40302f28d3f47eee53e83166a7432fb7cff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 01:53:30 GMT
server
cloudflare
etag
"55495760176B30E1809D6068D185F004"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNbIVQNjPz5%2F2Z3%2BZEP09QVDzozMBLKCGsGK7LBSftO4fkX1KwuHyTl7w0jBkS55xKIP4zjmvvEpSUGb5XYWX%2F%2BNs9AxealoO6N%2Bt6pVcBiKk3mPCW%2FqdjgkoO5DvKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2b9f17cc-MEL
content-length
7637
expires
Sun, 04 Sep 2022 21:19:16 GMT
ae7fd3ff3938d707bbbf3d34efe2c566.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ae7fd3ff3938d707bbbf3d34efe2c566.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7b84c4056c9e0bca51d528ac9d64e0fbd34efd7de4b9f003fa6157de9d300e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 01:28:10 GMT
server
cloudflare
etag
"AE7FD3FF3938D707BBBF3D34EFE2C566"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FkotJWzmQW%2BkreA1IecszNMyxdYr6P4WixAqT3dW%2BXBiV9IxkMnTSmrYszefJf4YIXCYOd%2Bkj9C3YuIWAIXclguwNXpWhGZxewQ%2B4ca9TDks5eQDBcz%2BECwAJM0iok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba117cc-MEL
content-length
6074
expires
Sun, 04 Sep 2022 21:19:16 GMT
f19ebf99ec54f76aafd36cd9d76fa335.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f19ebf99ec54f76aafd36cd9d76fa335.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9c576df3f052533a576f70e2dc96d7e2d4c531aa9b0c744debb2905b449978

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 18:56:41 GMT
server
cloudflare
etag
"F19EBF99EC54F76AAFD36CD9D76FA335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F%2FBtykKQIlAWOvZRkzkvdgkdvB4W8vqaL0T2iZf3Bl2At6mlgD%2F%2FFfWUc%2Fv6CkQjybzCAXL0TDd2tsly4NkTR0je%2BnvsShI99KQX6RMRnqyah9UEbq1jxySUoty0UA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba417cc-MEL
content-length
6626
expires
Sun, 04 Sep 2022 21:19:16 GMT
80843ebfb1fccb6bb2fdbd04e518fce2.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/80843ebfb1fccb6bb2fdbd04e518fce2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457a533b7b4cb3bf5b4351eb231b5604ada74c8c2f571f768c2639b6150b265a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 23:05:48 GMT
server
cloudflare
etag
"80843EBFB1FCCB6BB2FDBD04E518FCE2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzWxpajFdZlKdIar6jnWalQioXKAR46rb%2BBE0UlVF%2FWw4%2BgaA5copNvZNXoVWOUPnAEFDLLiE%2B6lPycJVHPZMx7MXBi8eNj72k54mMITdFn%2BzLzCrR6UPwYFZXE8pwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba617cc-MEL
content-length
9734
expires
Sun, 04 Sep 2022 21:19:16 GMT
b4c9fc86132b7864cbdbb1cfb38bba57.jpg
static.bg3.co/imgs/202106/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b4c9fc86132b7864cbdbb1cfb38bba57.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddeadaba89d6948bea2ed014428639effa349263d434d0a881d5a11faaa162a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 01:33:16 GMT
server
cloudflare
etag
"B4C9FC86132B7864CBDBB1CFB38BBA57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdjJDaJ99lNuuHtp88XdWGb0BCzFbc51mT8riXRTl%2BVviiVrALTaPlR4%2F50b7zgNgDxEwYpwYv%2FLMa4BDeyfxZO0pBrQN%2FKLf6i%2FB0bZjruAAMLU5sro%2BHiiYfo9IHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba717cc-MEL
content-length
11720
expires
Sun, 04 Sep 2022 21:19:16 GMT
c7ea48f8b6871bab0aa88585f4d0e175.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c7ea48f8b6871bab0aa88585f4d0e175.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49059b3a9527be204f905008679875a336cc6900cc202200c9dbf384a3b93ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 12:30:13 GMT
server
cloudflare
etag
"C7EA48F8B6871BAB0AA88585F4D0E175"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOPKXa178pc6RwRmZwB%2BQ8%2FkhFC7yf%2FV%2B0mTGOfXEoWyX7kyxb2Wzcr059OTkftb%2FZkopZMp4bNNW%2FQ46UQfKmyN1SeHGpwCf0nQZ%2FTMcqOfmJteY%2FgfwXNkx6P%2BdmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba817cc-MEL
content-length
6995
expires
Sun, 04 Sep 2022 21:19:16 GMT
5d70bbe1e4dc21875d1975716ed6c4da.jpg
static.bg3.co/imgs/202202/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/5d70bbe1e4dc21875d1975716ed6c4da.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c88679ccd0e7ad85e6d08bef7c30d5d29beb85558d7069c7f292218169ee95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Feb 2022 03:23:31 GMT
server
cloudflare
etag
"5D70BBE1E4DC21875D1975716ED6C4DA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6PAI01JbFSyGkhUS%2BH%2FUtenXWYjJblxj8hMhI6QkAvS2u4IhvdImmWv5cqW9fmX1iR8IyJxPVYM56dzJu6mNFkE3WK9uFHRAUWKoAqYgr%2Bw%2FBPFuQX1OvpZ4uPdqfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2ba917cc-MEL
content-length
9085
expires
Sun, 04 Sep 2022 21:19:16 GMT
ad046a6b65cf3e3344ed374213b18b53.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ad046a6b65cf3e3344ed374213b18b53.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5279582c53093402180b85ad5d8f02980c6f6fc41a0c523d446b3c3362898bc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 00:57:08 GMT
server
cloudflare
etag
"AD046A6B65CF3E3344ED374213B18B53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VECRPHaulqoDviyupSmUtxmmhlKFlR1tuVSC%2B3m4gLgXfPxvRKhO6e3%2BlJj7Okv9p8RpU082v3cy5jfEqtPcA7dXwMqH6CPivrIkfVRVkV2Qp7MYMOpKYsgZ0ao0pEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2baa17cc-MEL
content-length
9331
expires
Sun, 04 Sep 2022 21:19:16 GMT
5a747b5c604d244bbd6f569b9b665510.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5a747b5c604d244bbd6f569b9b665510.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad0664b179d3514a9a01ab6b828140af6fb877def8104fab6027fd3ce49b89d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 08:16:37 GMT
server
cloudflare
etag
"5A747B5C604D244BBD6F569B9B665510"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgAtaIqUgC7TYDrdqsdpSUxqIo%2Fny%2Bam9fw17Bjcb0MVEjQAQBQoYtwPbdsb336mg0dvnUEnJbhkbJNMpdDyBED8o8iwXR4oKuvLSuOkGZ5g1jW7v4VTiC1frE%2FD6ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2bab17cc-MEL
content-length
4144
expires
Sun, 04 Sep 2022 21:19:16 GMT
69440064a651bddf154682811a473f7a.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/69440064a651bddf154682811a473f7a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f483654d82a51341507becf99599d4e93c33f60a35154c1ae4c5a402d4ff02af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 22:05:28 GMT
server
cloudflare
etag
"69440064A651BDDF154682811A473F7A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VSQxZqKCibhr4jj%2FHixpkXXvoVCkfqAhnsfEdHAxHs%2BkyDk3DwVJudJlSHOICvDSlaEzcgQ%2BumHt6V6C7Jg4J7ntbz8CwgLtMoPVnn7BkR3ulgSFVhaISUEpZa6uV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7420158e2bac17cc-MEL
content-length
7911
expires
Sun, 04 Sep 2022 21:19:16 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
740ffa5ffc4ed6a504bcc5f6f9fe5bcd3af393bf1a3d621944bac18722075553
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
347469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2995
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:48:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2d2f0c9c768f6ba9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:48:07 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
6dd09c80d743e5c5e9bd8ab6ceed8f1a48d40e914681043e0cacd30f584ec1df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
347469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23065
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:48:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"069ae92740d24a46"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:48:07 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
4dc189b45c6485c80edecc3b8b60fdd033b1408ec6e11fa940f4ac977a8d8904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a0959a3ef0c2403f6026292415a5ecd2f9eabf8d11ff040609eb8c5d88734810
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
347469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:48:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a89096bd4dac0edc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:48:07 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661721556.dop221.la3.t,1661721556.cds218.la3.hn,1661721556.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208121708000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
73cebcd1f01c0af24cf0b3dfdc4989de4feed5f04fc5d399f6096d5194201400
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
347469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10236
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 20:48:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3e723257ea406594"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Aug 2023 20:48:07 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FB0E 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
0d3c323830d360b2f92810a1dbe5f027c8bb39dbc5780c98bee9c348d1bddf6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40290
x-xss-protection
0
server
cafe
etag
7063077154084368768
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:16 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6033 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
36df198b5853cb6a659189147fadeb7e4a8939bce04a509d7cc8c8d77327ff17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40217
x-xss-protection
0
server
cafe
etag
2503069172447063104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:16 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208121708000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0962992388017b566b3a129965a7dcd3da217015293874236154b9d4613f176e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 07:06:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9de18c3b0ae27e6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Aug 2023 07:06:07 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5591 		714 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74201590ed945ab0-MEL
content-encoding
br
content-type
text/html
date
Sun, 28 Aug 2022 21:19:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JKEakN7CEd7NMVk7E0%2BqBZJeTHq8qwYBE533UrBFjJXgiDExQ2m3WsnpWBbNHmyTfkHiUOevxwSd1WIaK08sw4FJzIo90HsmK8HiAA7J1%2F1ME4N48eky2T9Ol7gJu%2BWjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:16 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AD05 		714 B
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74201590fdac5ab0-MEL
content-encoding
br
content-type
text/html
date
Sun, 28 Aug 2022 21:19:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd4L%2FzDD26S8UKNdm5pxNglipCvxqtbaeJrswvic%2BYYLIN8%2BBIXSaX%2Fhf1u955vXQYxT%2Bx8c1nR0nhtyx2wqjTcRMGAkCExMpdC%2F0%2F7XHdYcxdkyE%2FQ%2BSu8r143klezDnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5591 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1317 / 91 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Aug 2022 21:19:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AD05 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1317 / 987 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Aug 2022 21:19:17 GMT
gtag.json
cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
273263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 17:24:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f8ad7a45fe031326"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 25 Aug 2023 17:24:53 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:16 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661721557.dop221.la3.t,1661721557.cds218.la3.hn,1661721556.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-42268595762681362673.ampproject.net/2208121708000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-42268595762681362673.ampproject.net/2208121708000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661721557094
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:17 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sun, 28 Aug 2022 22:19:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ Frame FB0E 		342 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
068394cc3c525fb851a17d0fd9fb980de631f29b323b0bf02409e34ce3dd24cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122961
x-xss-protection
0
server
cafe
etag
9204477311143058588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/ Frame 6033 		342 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
6908c32c745a63c87a7d98587ee1e002e3e2f108bb21054d36d050fc276c8709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123349
x-xss-protection
0
server
cafe
etag
3325601524671051512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:17 GMT
pb.42753.1661278076254.v6.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:08:10 GMT
server
nginx/1.18.0
etag
W/"6305178a-557f3"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-type
application/javascript
content-length
93716
expires
Mon, 28 Aug 2023 21:19:18 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:17 GMT
server
nginx/1.14.0 (Ubuntu)
b160311f-76e4-4978-906d-c6a2b155879a
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/b160311f-76e4-4978-906d-c6a2b155879a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ Frame 5591 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
feedback
feedback.adrecover.com/ARWebService/ 		70 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feedback.adrecover.com/ARWebService/feedback?ts=1661721557402&adBlockedAA=false&packetId=00000001-5d5d3a2d-e7bc-474a-bca1-7814f40326bf&siteId=43519&pageGroup=POST_ADRECOVER&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:17 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ Frame AD05 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%99%B8%E9%85%8D%E7%AF%87%EF%BC%8D%E8%87%BA%E4%BA%BA%E6%84%9B%E6%8B%9C%E6%8B%9C%E8%B5%B0%E6%98%A5%20%E5%83%8F%E6%94%BE%E9%95%B7%E5%81%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-7CyGMWah7TnXWr9O9EIxJQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.537673963484276&gjid=0.5631361132865065&_r=1&a=5149&z=0.12643542598140267&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A6CD 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26409948333996239669&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3009&oid=2&is_amp=5&amp_v=2208121708000&d_imp=1&c=7799005149&ga_cid=amp-7CyGMWah7TnXWr9O9EIxJQ&ga_hid=5149&dt=1661721557095&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&bdt=2295&dtd=370&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:18 GMT
expires
Sun, 28 Aug 2022 21:19:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FB0E 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
371531d632510a9865c53ffe297c476b1e6a71423f21f913747932c72999a43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame FB0E 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FB0E 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame F8D2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
686
content-length
673
content-type
text/html
date
Sun, 28 Aug 2022 21:19:18 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
x-amz-cf-id
dn0t7KEpWHx4X55Hc84myVASSN-OgWstX4BQvhbWdqQzglsu6mjAHA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:18 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 6033 		379 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
c0e5c7c417a89afb60e547ba7eb92e0f07894636ba97355ad61d5559e081e7e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 6033 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6033 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 0D92
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
686
content-length
673
content-type
text/html
date
Sun, 28 Aug 2022 21:19:18 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
x-amz-cf-id
q9dCOqmsRGMrOKZ19If4A91qRc5BTXxrE-DYXb0xkiaAJBLjMJnxGg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:18 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 5591 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5591 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5591 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=528864085794125&correlator=714245954261171&eid=31069190%2C31069102%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661721558186&lmt=1644386353&dlt=1661721556677&idt=1487&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=e0kwfujup481&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2139033985.1661721558&ga_sid=1661721558&ga_hid=1729305489&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
bc37aa2c8d068f29f940e74240cda654beb3bd14be88b70bf0ba891ceab3b76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E34 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:18 GMT
expires
Mon, 28 Aug 2023 21:19:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame AD05 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AD05 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AD05 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4101489512092726&correlator=2234885963596874&eid=31069183%2C44770639&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661721558313&lmt=1644386353&dlt=1661721556689&idt=1604&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jzgs2accpww6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1562683110.1661721558&ga_sid=1661721558&ga_hid=656281475&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
97b2bcaf3eb778e01a8624052fa2b837c14fa872cc10b30eaae9d967f315d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E073 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:18 GMT
expires
Mon, 28 Aug 2023 21:19:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Mon, 28 Aug 2023 21:19:18 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-type
application/javascript
content-length
17440
expires
Sun, 28 Aug 2022 22:19:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1317 / 986 of 1000 / last-modified: 1661551853"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Aug 2022 21:19:18 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE3MjE1NTg2NjUsInBhY2tldElkIjoiMDAwMEE3MDEtNTExN2E4MjEtZGIxNS00ZmZlLTkwMWQtZTJkZTJkYTVmODQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2x1LXBlaS1waWFuLXRhaS1yZW4tYWktYmFpLWJhaS16b3UtY2h1bi14aWFuZy1mYW5nLWNoYW5nLWppYS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjE3MjE1NTg2NjYsInBhY2tldElkIjoiMDAwMEE3MDEtNTExN2E4MjEtZGIxNS00ZmZlLTkwMWQtZTJkZTJkYTVmODQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2x1LXBlaS1waWFuLXRhaS1yZW4tYWktYmFpLWJhaS16b3UtY2h1bi14aWFuZy1mYW5nLWNoYW5nLWppYS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MjE1NTg2NjYsInBhY2tldElkIjoiMDAwMEE3MDEtNTExN2E4MjEtZGIxNS00ZmZlLTkwMWQtZTJkZTJkYTVmODQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2x1LXBlaS1waWFuLXRhaS1yZW4tYWktYmFpLWJhaS16b3UtY2h1bi14aWFuZy1mYW5nLWNoYW5nLWppYS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MjE1NTg2NzAsInBhY2tldElkIjoiMDAwMEE3MDEtNTExN2E4MjEtZGIxNS00ZmZlLTkwMWQtZTJkZTJkYTVmODQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2x1LXBlaS1waWFuLXRhaS1yZW4tYWktYmFpLWJhaS16b3UtY2h1bi14aWFuZy1mYW5nLWNoYW5nLWppYS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjE3MjE1NTg2NzMsInBhY2tldElkIjoiMDAwMEE3MDEtNTExN2E4MjEtZGIxNS00ZmZlLTkwMWQtZTJkZTJkYTVmODQ5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2x1LXBlaS1waWFuLXRhaS1yZW4tYWktYmFpLWJhaS16b3UtY2h1bi14aWFuZy1mYW5nLWNoYW5nLWppYS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:18 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5591 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
584bf0f0deea2e87ea7403a1e90d82cea34d44a0df87c84bf2622afcd90549ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
pubads_impl_2022082202.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 17:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133587
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 21:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Aug 2023 17:43:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 28 Aug 2022 21:19:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AD05 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
249a58bca9bdf418fbce36b5483f6958aeba464b74335e29c355dde3e02af60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11244
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0D92 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
0d3c323830d360b2f92810a1dbe5f027c8bb39dbc5780c98bee9c348d1bddf6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40290
x-xss-protection
0
server
cafe
etag
7063077154084368768
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F8D2 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
3e934bee240423c68eaa69829f612e231955b5fc9eba2ed94cbb36137e07f581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40291
x-xss-protection
0
server
cafe
etag
17010052743208644548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:19 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 04 Sep 2022 21:19:19 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220828
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420aa7c1d96c4bec5287b97f5de519aed454b232b4fa2253cdab4eb5d081dc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22683
x-jsd-version
1.0.1446
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-iad-kiad7000067-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"665-3usGrpCWLpQRkfFNGUltCtZyNm8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wNZZl0sRWfCk7Tiu0cPKP7WSK5LQSyKcdkLHemSswk%2FDrv6RVFzzHH%2BpNPknjBENXYk2lVmnk3sX6V2H3EGR2s0dJapUutl6pmLIWQxx2t4TQ2pWQB%2F%2FVrvWUVUFIv%2FgcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
742015a0be923772-MEL
access-control-expose-headers
*
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.47 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 28 Aug 2022 21:19:19 GMT
c
prebid.a-mo.net/a/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 28 Aug 2022 21:19:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bda43496-9ca2-46f8-aebd-30d7aa69f293%2Ce857355e-0891-4945-88dd-fa7cdb18ea04%2Cba204ea8-74dc-4170-b417-699abae3609c&nocache=1661721558949&pubcid=3061aaa2-11b4-43ab-9fad-cd3db135c173&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b964062fc8555da54b12b17ab64255ce69492054baeeeb8d72a6d8eb77f50780

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=81f30046-af14-4206-bbc2-bb3050d4ac05&nocache=1661721558949&pubcid=3061aaa2-11b4-43ab-9fad-cd3db135c173&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=570748b7-463a-4884-9168-9379b74bca83&nocache=1661721558949&pubcid=3061aaa2-11b4-43ab-9fad-cd3db135c173&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ab713aa7-7b91-468c-bcb0-7b59452ed816&nocache=1661721558950&pubcid=3061aaa2-11b4-43ab-9fad-cd3db135c173&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		360 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6830f1891c68ef50ff7256cc940cf152f6f8c48565d2dc56193b3091c6f46151
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:19 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
20bded04-01d1-4e9f-9ee8-bb6699219adb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
360
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8fe8f524ceb9fd63bbe6b3c1aa9d05c0c709b0f523a7a288c05e686da549d499

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
100
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=94973487588
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.219.40 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-219-40.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:19 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10951
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
dc13d656d3dc1ca95c55c42d609c29c8bf6bf2cd439687471542f5f639abf4a2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
54ef1989cbb78a9ad68eed6ed7c2b4ba93c087812d1d17111513219ec497e8df

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.123.46 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-123-46.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5caddb72b6758964e28f80f32ee62aeef3256b213580211dcd00db96021ba6eb

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=3061aaa2-11b4-43ab-9fad-cd3db135c173%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=ce957ca1-bda1-42d9-9675-aa114d8ed71b%3Bfc83f8fe-e91d-499e-8d7d-26728dc728df%3B2649f70c-7aa9-41b4-a6b4-45f8bd74d6a0&l_pb_bid_id=67d419a751206b5%3B6833d752f6567e3%3B692db73594f367b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3334501202399984
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c1130fc2214e244090aac5c8702112d7bcc3b55a3f162de33c02b52b6e4ef91

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:19 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227035edd4571b781%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227746ee98c6e041c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228004eac8561af27%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22816422d31ae1ae6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223061aaa2-11b4-43ab-9fad-cd3db135c173%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b116cfe12df589b52bd78e7b2213f2bdb575d73be0dcc19738840700f824b41

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAeyrJPYxe07THw2Whmzg2MumwDIfEGboVMVjfb4%2BCdGTZ3Q7qvxDcrwQRd0x0JJ4DLmbM%2Fo0jrJcy3H%2FaOuqwMg1oh4iVF1geQJw%2F%2Fzw0nMp%2FxWw5PZAEqy0VFv%2B2gRnqIRaCnY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
742015a1084e17cf-MEL
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227035edd4571b781%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228004eac8561af27%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22816422d31ae1ae6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223061aaa2-11b4-43ab-9fad-cd3db135c173%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b116cfe12df589b52bd78e7b2213f2bdb575d73be0dcc19738840700f824b41

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EypnxShj552BTx41cJetkgX7vj3G%2BBmUHYv9oGJxbYAApBHwJ%2BpTogvEZxAvEUkDhQzBkkBwXdT%2F%2BsNKgdB5i3eE35IQauEFve53n4XrGJEFTOek4mCsYjobFLNGcPdV%2BzcB9r9W"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
742015a1085017cf-MEL
expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ Frame 0D92 		342 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
3f3e54649083a54427fb6ec72d1935e15035bbdaa6e30f122bf70131eca494b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122967
x-xss-protection
0
server
cafe
etag
15330277122573577596
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ Frame F8D2 		342 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
7d676ba25f25bf00b2c640eb8db188103719675eaf32ec37a36931762a39ac00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122960
x-xss-protection
0
server
cafe
etag
7318862798100865146
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 21:19:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5591 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AD05 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:19 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 0D92 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0D92 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 42AF 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
8c3e4212ee9220a27adbeba6bc1ee1af2d56a31526ae4b88ba835b4ef1fece10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9568
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame F8D2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F8D2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98C7 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
891623026676b69428e5c164ffb30db9031c6f37496b37a94e1b6a9e9718c054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9514
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:06:13 GMT
via
1.1 a691085135305af276cea0859fd6b128.cloudfront.net (CloudFront)
age
787
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
MRMiieNHPT0iJNGYIvIruScqnsXF_jh2-MohWf-2yiiUQeM9GcCJOA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 43C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 92CE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
9af8a29c37a486fd0cff8de977b2129449daa74a24408268d8c57fc929ad113d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IqjT8kQYFmYMcv4mM29OVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-IqjT8kQYFmYMcv4mM29OVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:20 GMT
expires
Sun, 28 Aug 2022 21:19:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 485B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F628 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
437827253be9aae724d5934271ebd00ef1307e13e5c5487b59a74d0cb098b7ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dURMCYNI1_volIN7xdnULw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-dURMCYNI1_volIN7xdnULw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:20 GMT
expires
Sun, 28 Aug 2022 21:19:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1178328450;fpan=1;fpa=P0-1516213821-1661721560036;pbc=3061aaa2-11b4-43ab-9fad-cd3db135c173;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1661721560035;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-86.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:11:41 GMT
via
1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
14860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
xhQkdQfDv49TFxTz3V_l84q9UNIO7MtoKnLp_cmfocWsEqhQHJtbGw==
pixel;r=1081677240;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1081677240;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1516213821-1661721560036;pbc=3061aaa2-11b4-43ab-9fad-cd3db135c173;ns=0;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661721560038;tzo=0;ogl=;ses=c879f47d-1480-4112-8ca2-b90b7faeb600
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Almzm1I918KuSq_sp4CeonPnKQSWQTw3P0WQPDQzVWrm-fkhcESrth1dKtGO0HwYyF0bP5vAG01GpGxY0rrZiicJkjjoH1qbH2yOCAyJpy3-nWHNI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A8D4 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 42AF 		66 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a5b4a374a869f6f1eb6ebc94f5c7990f061908367fd6ba886e49e4ca2b5bbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32737
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98C7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Adaw0WVC8Sohvm3EQsjoglsUJa1NbLR-Jl-fc3AqR6NhiV_eygfTsN7UReofK6C-j5Z2bRAGHNFMDdK0TbQsL_JneQynjdP57LjeMgAerDFXBtWN4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 42AF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:56:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 42AF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:18:19 GMT
l
www.google.com/ads/measurement/ Frame 42AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAmn8bKavFTbpFY58IcFOLT47dXUDxXwJ97zlPoAZUnfFznJOEgozT0vogPgSV6i51Z1zytIjt7QVFyRj8s7n9UUb9gQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9AC1 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42AF 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:20 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 98C7 		66 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
0a6653a907abc53275d34c1e2cbb235f289aed2f40d2d8cf7e5339ae00336f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 98C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:56:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 98C7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:18:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98C7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:20 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIxNzU1NjFfMTY2MTcyMTU2MDExOCIsInVzZXJJZCI6IjY2NjgyNF8xNjYxNzIxNTYwMTE4Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTg1ODM5XzE2NjE3MjE1NjAxMTgiLCJwYWdlUGF0aCI6IiUyRmElMkZsdS1wZWktcGlhbi10YWktcmVuLWFpLWJhaS1iYWktem91LWNodW4teGlhbmctZmFuZy1jaGFuZy1qaWEuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZsdS1wZWktcGlhbi10YWktcmVuLWFpLWJhaS1iYWktem91LWNodW4teGlhbmctZmFuZy1jaGFuZy1qaWEuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjYxNzIxNTYwMTE5fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvbHUtcGVpLXBpYW4tdGFpLXJlbi1haS1iYWktYmFpLXpvdS1jaHVuLXhpYW5nLWZhbmctY2hhbmctamlhLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbHUtcGVpLXBpYW4tdGFpLXJlbi1haS1iYWktYmFpLXpvdS1jaHVuLXhpYW5nLWZhbmctY2hhbmctamlhLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 28 Aug 2022 21:19:21 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=890
content-type
text/html
content-length
555
expires
Sun, 28 Aug 2022 22:19:21 GMT
rum
dsum-sec.casalemedia.com/ Frame A8D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1&C=1
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015adc8325a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x20upp6M2DvosT5gLwkPYcoMNtrWTed4UNh9bPqa0h0q0tVuS8cRuMdyNGTdDnzaRQqm4eh5ITgt65GaPcPSkGpE5BZlrT96mCLBo%2F%2FU53R%2FNzna3Ddnvp2sUWLf6x9KSzN25b1lF6N8QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8%2F6bRvp0UMXEVwTLgaxIYXyAf0pAN0DfYGaeXp4itj68jnJWcqSJmtNFas8FqdlD30h0pfjQWIsGPCvwwqzil9WO33DITXjJAz7BvEgGLxtS2yv9whMfnx8IuozLVdZCYSK27uxtjwmkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1&C=1
cache-control
no-cache
cf-ray
742015ac5ac65a8b-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A8D4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywvb2PA2IabfVgpZrBwbvAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015b12c8e5a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BRDVtIilFvcdQMSQ5q%2BPz%2BG1kA%2FwArOJcvMzL6sUqSH2wsvg5s%2Fvlqhmr8cEHbYaNXI2ngLnPASa9xoK0IG%2FAiTMck87Mwa4t9kRe6nS5m7SewT9yc3h%2FVIbw0ODBSKhQyXsnsE4sgl1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGHmZZCV-wEnZ1H6waHHmL8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A8D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVUmf2TA2OJF6klorr_E1E&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBVUmf2TA2OJF6klorr_E1E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:21 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ecee9282-4fca-4e05-a4ab-8609b0ade35e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBVUmf2TA2OJF6klorr_E1E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjk2NDIwMDE4MDE2ODAxMw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjk2NDIwMDE4MDE2ODAxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNUmVVpl5Bzv81m67ejg-wv7xEzygvG678SfnVsy4a27na7-LQerFIGXjP-JWjKx_-NEvoxJLwtKgBtvJBRUNP9P4DOOWQ
Protocol
H2
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:20 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e693a2e-6ef3-4716-b26e-17e7b9da3e98
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxMjk2NDIwMDE4MDE2ODAxMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9AC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9AC1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZhMjQ2MzEtNzE0NC0yMmY4LWQwOWItNWY2YzFmZjAzY2Vl
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZhMjQ2MzEtNzE0NC0yMmY4LWQwOWItNWY2YzFmZjAzY2Vl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Protocol
H2
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:20 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZhMjQ2MzEtNzE0NC0yMmY4LWQwOWItNWY2YzFmZjAzY2Vl
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 9AC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPOoAzzWZEVD2IFRBZYo9_s&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPOoAzzWZEVD2IFRBZYo9_s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Protocol
H2
Server
23.213.141.184 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-184.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 28 Aug 2022 21:19:21 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEPOoAzzWZEVD2IFRBZYo9_s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9AC1
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmU1YjlkMWUtM2RhMC00Mjk3LTgyY2ItNDI2MDFiZjVkOGU1
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmU1YjlkMWUtM2RhMC00Mjk3LTgyY2ItNDI2MDFiZjVkOGU1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGTmNcDEIqkx94DGLP9vdABMAE&v=APEucNWUIXaHD2CDmWPxG9jJFxFFZHx3qk5j4MhA8uUW4f0nJPYdlKLvrT2Ki5-Lvjz0f_2fv7zfhX7aDovHVRXsZ3CJRu1aAg
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmU1YjlkMWUtM2RhMC00Mjk3LTgyY2ItNDI2MDFiZjVkOGU1
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 28 Aug 2022 21:19:20 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 43C5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 485B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 92CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=528864085794125&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F628 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=4101489512092726&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 42AF 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:37:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 42AF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:01:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 42AF 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusdSYOPo0eOEAIPM1blHdfrOQJ-z7lsajjA4rs0xmQjLM9g3r1lWD_gDk-_FJVu-g9nMp1zLXKaa32TPzguYyYZn38a7H5REaA4b_GZCOLa6IaHkX27ZOIWtZhfwXt71usySgQQEnidbIb7Byx5v_fSYfTyM9V7eYae07JC5eBoi05bp2s78CUFXUXmyT8jMT3NO_w9ub3dDGRu1fMRpKdZ6O4z27hsDEEs3ZzwGPMwkjfhug0cGTTMtuUd5J9VZyERSscsLrK5dWINf5q7pOYEHb3KY7Pff-JShShSegxIkOO1tbP77XL4JQLsJiTxlMf22oE9pZu-AO1-B8ZWHjVMTvxdfpq6ssHMqM9vvb06dTMbLi5LSACGq0hnW8d2PP0KCosh2yRKAWoE_6_pNb4fP3VliVLXMwDGSyTWlMKBeRoyJhpQivyFoo7dr6ha3uKhWp4Z0RttwNGwB776yijoJ4bBTBkIi3lsNH5Vj8SDTZ5f9t6H1wSgcZxA8gp7Xf00nYJ4WamvQxMsrLrQxPTAamwMBqlvP0TfH8ZYbVwroh77mcB78Rtn_RHL0pmdPE2ohQrH8njreQ4bli3fkId68GRwIGLuv9SnIj6zlLl7icpVoiHaHxbY63TIK6bAIPcJmhW2CjqFvgVueg5YdEDnU9adsB4Xy7AXiKRmeLmByJB6TF1aGh_xdj8huF5OkWu4koOsazddX-grRDg_piHF-2JNceYXbcdPUnRwTuZT04d10mMLrYPd0ZsRWJfriCM1Kxt3hBABAZNiB2DBQqm6jTKMVrWRntxvcNump97KRFlBwRq6V3VCfo37uo947TzbCpO5VIYSHp0LRShA5V_km7XugfZzpjOxGLQguqyN7qHvujivg-KlampYQEDJyUdkQA47hUoieMdx9gmOKVoJSxY4S5Tx9lHaW_tSWyQtfZJHpj_VYadTWtT3QheAMyCvbcwxdrZEdJBzaB04UVcn0E7UiH-jTWL1AwMBBDqbrEhBIrPHoPikN_q9qmuRVxWOkiWEoeNirZXNVTitdS13HBv607HLv6KYeseDiBcEGFsUpEnQz0Idz9VdtyezXv6x5XzcDZNEtdJHUS9XaFUZ1YnawebrOmUqDb66007RgPh-WgWDtmSm154kIutneTZX4PFf_hcZEkIalAwkHecgOP0uiOGcrDrjgcq6veNCqN9G6-VUM2BPDKoUZqwSE9M0kyE67tbpyU3d0kcR-aHRGSdYbqCPPZsaNUS9K7gESPn6fdFR0a3aEdxDXwhGDRxCQ&sai=AMfl-YTE-ivk4bmARShgOvUGMyU4rdg3NDWTRViuph2uGCxN9yVk6LssKU9g1ESBCoRa2krex_bqE6QeN2UG4ZzzCQJNLJ7TzHkyyN9qZYBX3dZ6CKUzvcPh5Yygj2b6I4rnCvCj_8EnmpEfTPIFMxsLmRg8Uh_HFA&sig=Cg0ArKJSzCqDdEoa9_ktEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.80324&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 28 Aug 2022 21:19:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 42AF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-75.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86f990ecc6f910b3c0fad186ee3b59f1a62760a1d2602a23cc687dc25fe5c4bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 09:18:53 GMT
Server
Microsoft-IIS/10.0
ETag
"80fcb2b163b8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 42AF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 20:09:31 GMT
11885153762611253657
s0.2mdn.net/simgad/ Frame 42AF 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11885153762611253657
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4f55b782e0d266e744eaeabd954db9e0221284265c264097206f7bcef361c1e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 21:34:01 GMT
x-content-type-options
nosniff
age
603919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56771
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 05:01:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 21:34:01 GMT
11885153762611253657
s0.2mdn.net/simgad/ Frame 98C7 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11885153762611253657
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4f55b782e0d266e744eaeabd954db9e0221284265c264097206f7bcef361c1e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 21:34:01 GMT
x-content-type-options
nosniff
age
603919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56771
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 05:01:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 21:34:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 98C7 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:37:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 98C7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:01:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 98C7 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKHj1xA1T-HsoMeNMwObJHeNaXLLFMQd8FdwBSX9ny2s_6Aejbp7_2-XSr5AD1EU7MXnzBl3AoGG8LrnPylDhqeU5Fw3a02x4IwuGskJXp0BI8ymwYl5n75YirHfNpI90QeqkV08DkItaFuqPMYopxROgZ3mU5kdTia80C7rGNVBfkuoB1dEcOsjcjCyD4OZVtLQ0uNbsZvjVbTwfwhbckK20Gbb8KimPWuydIBzkFpfspIrwJspna3JKYONqQEji8IQOri-jOn6uculKwN6Xz10uOQ7tPAN1v4Oly1x6rqurzBn38Sk9g2sOjNbLkmcxDQCHjbnZ47K1uQMUhnZnsLkedTMVoz27TQ0Si5utzr1iL3-7ZtGxXe4KsIXeAnBSlgw-fJjWty1bDot8a5jB5rsPIfFkz0R6anP0pYiCwyS_c7byxpakANdhaYQe5MPTkaSdlFZTAUK0pWgN0xOh_deu9lpJC8bcs9GftMMqCmmj6YWtR7bwFZ-XpTA9M3BaxAnqj-_P8-xAt1YyuENh2dQmq6N2rUsiTahPkSqTh8vy8CDMk_NUV-IK9xgPxzhK7OUGdqqnUL9qgJZwJiM72H8chSrXUs5AskiO9DfnSPdXXoK4DBYhv0vMcybYnn4KzRW4AgeSpVQwKPr3RIGFO2u_sRHC5rLDthUk3AGvihNPmAYyOycsjO4a3lpog6eogphy64xXj93ZmwB4CacffivrTfnbia22Vl6076NCyFNktioEPcbIFjRi1OevvN2YgUkZyXeIoxLz6SDNlfhnyPhFYPTZrhe-39PRGkaGzrNHihSQtXpiBsDkmtghj4-tZgu0Q4nxD0U4e9iBvPbTWOKK5keMdLuM0xIaSF-kU3vbGoxx7bCIdb0MKzVfw9_as9ymjQucwEkNnj3iWBA6JBnu-Ddoz15VmslMycaVj3P1T1bnltPh9tCORMmyw3HxZzTsoygwzo6nGB9h4ZV3cuLZs7h9cVhQ7wC8F2RdSO40X45hCwnXU2rhjCwyWjm8zDPw0erOFDUFrLa6_C5-4M3ctxItP4Z4MbEvFhqpSegQgPMwkURB6q5CFCyGhp3iiUNkOWAf7T8BnyteJJ1nU6m1xCUleFJlK946XNHpLtm0IuXvoDULULBzGmh0vNe18C0fPjliPhB8gacmpKnDwFkviNLc4sgTbVRro-PcMSDBwJeCa4ZCvx0UjRQpoCvpQv5tmU3DoJA7HGubs6uT97ZBneyGTcRt3HSPxszAQ3iEitZWRi8p78cehhshXkKBr&sai=AMfl-YSYhT9ay0yOmS6G34JtxCT820hPhSOoatbg7wZWan1l4egA4u-YxWAyGrmjozFfhevbO6KgsB4x5UKRsr-_vizL_jffGOVfqMbBky-_K-9Sm61RQgLrrxg7m4vEwBPLiNArWsR9zebvyssKJkTiTGqgGTtHzg&sig=Cg0ArKJSzGYgGe2tclqzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220822.74484&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 28 Aug 2022 21:19:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 98C7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-75.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86f990ecc6f910b3c0fad186ee3b59f1a62760a1d2602a23cc687dc25fe5c4bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 09:18:53 GMT
Server
Microsoft-IIS/10.0
ETag
"80fcb2b163b8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 98C7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 20:09:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 43C5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GOVOwg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 485B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fg-GkQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 86E0 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 42AF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70d89accbde6aa4a19cf84a6b4dc3ac8bf681919402ebc0fea8ca9f3950e744f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D5D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
206454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 11:58:26 GMT
expires
Sat, 26 Aug 2023 11:58:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 45D6 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 98C7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4e7a93b6983a24369a1f1f35d51810941e3019d20da3788cf7e671b1b410cc5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 039E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
206454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 11:58:26 GMT
expires
Sat, 26 Aug 2023 11:58:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98C7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=B76002NsLY57JCpWYoQPEqKbACQAAAAA4AeAEAg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 86E0
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_cver=1&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIw...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1603c0833113204e&is_secure=true&networkId=14000&version=1&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_cver=1&google_push=AehlK4DKFA0f...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALfryHZfyRaAMmprxtAAAAAAA&expiration=1661807962&google_cver=1&is_secure=true&google_gid=CAESELrtd6fpPSpoI0i2ZJpPM...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALfryHZfyRaAMmprxtAAAAAAA&expiration=1661807962&google_cver=1&is_secure=true&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIwwszEDGoOAiu2KwVAXVjr9L6Kh2rpM5jhYuWwZb2iiCIuNWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALfryHZfyRaAMmprxtAAAAAAA&expiration=1661807962&google_cver=1&is_secure=true&google_gid=CAESELrtd6fpPSpoI0i2ZJpPMvg&google_push=AehlK4DKFA0fLotQVVwocNEuJOHdc2vcgVVOmYATTK0tf2JvivjoIIwwszEDGoOAiu2KwVAXVjr9L6Kh2rpM5jhYuWwZb2iiCIuNWg
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 86E0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
742015ae19675abc-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
546
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
742015ac7f985abc-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BFuUoBUCwPp90SJYMPJXA9H3zEuwJHKdbhYw-BDaG74lTDNCimg6vJ4WbRSyDWNQqgIAx1kQwzfiXg81iaolj-6KP3w6G-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 86E0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLzii...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLz...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLziiOUmUpsna2o5-2oTPr2D3Wg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4Dp6_3hAU6CUwyWBbCa-xFzSVeYt2EZl6OI3IZwdZrX6esUki2FjUW4bjvgr_lukURSUzBWLziiOUmUpsna2o5-2oTPr2D3Wg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 86E0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAH...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAHMQv80sV6vpVETvGKUZowri_FsHrXquj3JXtAhN8cpCkj92upyXUbwdPUA5Xk75hYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufmCF6MCIiBhIlzqSNaqu0axavKshj5IghtYMgllNAnWYM%2BR5qwxPkT1yILY%2BPQ%2Fdo3MA5c3oZliO1mAE2z%2Bx5zb49arWq91NKrOLdOaDzT4VRqatH0TkoSNhE1feh9It94%2FUD2N1MwkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4C15jlTvy2sZWl4sI-Z8vr9SmDkFRcAHMQv80sV6vpVETvGKUZowri_FsHrXquj3JXtAhN8cpCkj92upyXUbwdPUA5Xk75hYw
cache-control
no-cache
cf-ray
742015ae9b4b3772-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 86E0
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKxvWiUqxXaCTkO8H3F-kTQ&google_cver=1&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2OPr7iDNbmsZoci1tE7cpZboyTXnzmgnkHHZgK5r11...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=55d788a4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2O...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=55d788a4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2OPr7iDNbmsZoci1tE7cpZboyTXnzmgnkHHZgK5r11G15TRiXKFYOflg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:21 GMT
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=55d788a4&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4DhWUvTH5UhTT-XNGbWrh3Ug98r6CpC5Tla0mPKhQ2OPr7iDNbmsZoci1tE7cpZboyTXnzmgnkHHZgK5r11G15TRiXKFYOflg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
8Rm91Ec4IhvG8iRawKNUhdg_zGTURZggs9EoF6-osMfnZg4jI2F-Ig==
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 86E0 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEOnp3OtS36i2l2r0GunBSrA&google_cver=1&google_push=AehlK4DFP7ZmrkJl1BiM5_NjucHcbioU5OsOwcDcEHY87_FR4utxDyI4-InkeYLRbGBH627-9C6Y84v50nCeD0tkK8SyngPiXWGeWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
/
b1sync.zemanta.com/usersync/googleadx/ Frame 86E0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEI6CoX7hA8kv1mqCIjCHQA8&google_cver=1&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEI6CoX7hA8kv1mqCIjCHQA8&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4DVM2rYG-BzGgaK5CNo2-Eh-nuBRsc3PlNz8x8eCIY5HP0b4Cl8r7l67cdy1VWu5qwLf5pQAl6PSJvn4otKJaRlb-3xMNHWIBU&google_hm=eFBBb0lzQ2duVWhjT...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
HTTP/1.1
Server
64.202.112.31 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:22 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 86E0 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIZl-vp0amOysPQJsVeo1z00n04tIVU5bZXtBKIMElM3COrmEkyS46KJ5g6kKTfd0oEoIvow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 8D5D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
pixel
cm.g.doubleclick.net/ Frame 45D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO2XN-dt9DABAXI9IBqlTqQ&google_cver=1&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWH...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWHGq6HtARUx6kgZObUd2anBHidkwS8Sf...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWHGq6HtARUx6kgZObUd2anBHidkwS8SfEOqgyXAqC6XDqddHcCROgh5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 28 Aug 2022 21:19:21 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DedeDG4jjuw_8aDYs5qAdIWqKxZkTQwuMqRF3PpsqdLXMhDnbQIA_UrdsfhF4YSd-HVWCIgJaEuLJkWHWHGq6HtARUx6kgZObUd2anBHidkwS8SfEOqgyXAqC6XDqddHcCROgh5A
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Aug 2022 21:19:20 GMT
result
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 45D6
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEIyRRCqLNao2dFqiYIvYIxE&google_cver=1&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXry...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEIyRRCqLNao2dFqiYIvYIxE&google_cver=1&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXry...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D_FJUJuMGLDCK_mf6h0eMMk5eiH20zAKsVij_t51aKcb4yQSsqqreskXryyHxDsn6q8kULz416DSfXt4XByeY5-au4NBOuVeWEx5F6qg2Ydy1x7ix2YFXhK4...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
HTTP/1.1
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45D6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKYPpNhohYWrqPAzeMVWJIE&google_cver=1&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJxE...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=vYFjBwSSSQ101uaKom6VpmfR_hc&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJx...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=vYFjBwSSSQ101uaKom6VpmfR_hc&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJxEd_pGTTGN1nlrDzQDfVGQ2I2bEPR11-2YvtqeyAW3P1fzzEowRTR2fEyY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=vYFjBwSSSQ101uaKom6VpmfR_hc&google_push=AehlK4Axk8ro0gdY01kNkkgIEJQp0pU8pQTYebuY4VAtUt5ABdpOqlxrVk0QTHVOQe2E2ENm7uygFpPCKWKEJxEd_pGTTGN1nlrDzQDfVGQ2I2bEPR11-2YvtqeyAW3P1fzzEowRTR2fEyY
Date
Sun, 28 Aug 2022 21:19:21 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 45D6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8iyv8SLWeJQcm7V93MavPP5oNG2YoY-2O8YoDQKLjX0DGWviYZUqh1fkJqIGjSWaEZarCyHOefjKrW3KLcrNZTuF-9mImiDtoGJeVLiSPas
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fn04yErKldZGxV1amJHuP6IoYEyiN1mdY3QsfQ4Pi2o%2F%2B096MNj2nBTxXTUL%2FEl%2Bn37nz%2BCEvt9F3ehUxG96c1lW92AGInLVKnIdPpJxnRLfS2XoPAG1wxSb8apqdA%2BKjbRVoX7XElDWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&google_nid=index&google_push=AehlK4BNcn31imph8JeuDiHtcNyxgK7USxkb8iyv8SLWeJQcm7V93MavPP5oNG2YoY-2O8YoDQKLjX0DGWviYZUqh1fkJqIGjSWaEZarCyHOefjKrW3KLcrNZTuF-9mImiDtoGJeVLiSPas
cache-control
no-cache
cf-ray
742015ae9b4d3772-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 45D6
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELmLXQ3SV-_wDxuMRrp_ToI&google_cver=1&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO8FL7oXjIlgLNJ_O8-Cb-iWizLi1R4NPx...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO8FL7oXjIlgLNJ_O8-Cb-iWizLi1R4NPxapjsEZkAPEA&google_hm=ZzNjNWI5ZGVjNDY1NTI5OTI4Njg=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CTYr6UkUi0HfIzc6X1wSCCDrmNS69-Id9p621JjhismJHcjzTt7gBPqk6-roETLmWAzuTkj77p6a0j9ML-qc3o0RkHCjO8FL7oXjIlgLNJ_O8-Cb-iWizLi1R4NPxapjsEZkAPEA&google_hm=ZzNjNWI5ZGVjNDY1NTI5OTI4Njg=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
dot.gif
s0.2mdn.net/ Frame 45D6 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGiZaCpMVrPo3Hb-07dPuAI&google_cver=1&google_push=AehlK4BmEbK0sLAn5jUdPEHUOcC5md2kVpBwDSt0fPYENFsfUFdMH_8515sKu5ixw0tljVLV_vfO-YwurAWRVh6oRGTTyYcNFKbwxjuyHcDl3RFDvoi1Z1v_KpCNOHtJhPTNzhygdxnc4ANP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Aug 2022 21:19:20 GMT
sspsync
cksync.yahoo.co.jp/ Frame 45D6 		35 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOW2vOg_jlMzQ1XL8vXTNhE&google_cver=1&google_push=AehlK4CsamMEM-omVlEqI8liV6lNVK6CducYJTDPUQH0TX6VJVW9Br9FqIKGnARkQcqme6dKaNDXGeRoi-j0C-F5wPvtvkMEXDSfNrp7XvZkfjRKDRBJVkQnAikUGyX4DtJYYuUlS9fgiXVl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:21 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame 45D6 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrJxAeTNTChnLnSUQhHiIafPy9ToT40ObiDvHysgip4zwXY_-aU6c6A41Mf-njKIe6Qe7K0Yo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 039E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
dv-measurements2986.js
cdn.doubleverify.com/ Frame 3DF8 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2986.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-75.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
16ddaec8fa914389399e7cdb920faf6124aa4690ec3184b0aca04d5721dba960

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 12:01:59 GMT
Server
Microsoft-IIS/10.0
ETag
"80553250b1b7d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107715
dv-measurements2986.js
cdn.doubleverify.com/ Frame 95A1 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2986.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-75.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
16ddaec8fa914389399e7cdb920faf6124aa4690ec3184b0aca04d5721dba960

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 12:01:59 GMT
Server
Microsoft-IIS/10.0
ETag
"80553250b1b7d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107715
sodar
pagead2.googlesyndication.com/pagead/ Frame 5591 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=528864085794125&bg=!ZmWlZSHNAAYUOm8VNDo7ACkAdvg8WrlA3lhMF4BU11obIEe1BtFd3ylBzwgJNnEfyau7XpfeYhUxHgIAAAB5UgAAAAFoAQcKANH3dZCcZYirQ3K58r9l7OhYIVVuvDNFRjGhPa9SQTA8Kze1xHZ9RGLmNQxH8nKo8pF_lc12dSmwDG1RiY_bxeiTMMK7f8nxyO9aBYbG2gc_1IUwLuU6xbCAJ5-oYEL7j0_1mWU6DPROM_Osv2vItbmuQAqRnHBHSaUYXK_HE-PnpR-aNKRg9ThLgzTewLxT0iIdyoYjQhW-icdE5pJ9TzMjGxwwevRZsNxbiznPrqf7isFIi_R6hYnHQhuxlrqmnAQ_0UFHgVew-AW3YX2FW5aORJkCrwE-UhTChyno-Su3jIQq92aVmZkl7TANjdtwa4QZKnZn2vv6fXG6hAQuio6DNsoFkgD_gITVhkSks640KDRfRTrlXAunkWigSU9-Tr00aVhMLBQ8FtuHMEzrHuIv2AmNX5ODeHr4twj1ZIpk1LAtPpCV5rXlhHx6DYgw5SK78B6buYFmAehoskmcUWv2QIO7WzuVbfE385W6NogUWqrv4L0k370TqbQB-ckdj3D0qWSt0Ze8BOt8jej17TkGWkSq_qn6hONpGFvpzeV_9OSvazvJz3NoZGJqxU6ooNtktvMmRwbH7ac_WtnJ_sVdq7vx2X_esJjhNVIKEIa3skVrrwEB4ToIEnBEXBD2P_dl7XdmBolRNqezm2WIkX-uksD2PZeUc9eRX9siPgpdLy-F00ghZbpU595dUBk-caRZtutWKC00nzFCf9yzG43d7xPvDIkn8TFlT8YH42sQscUaJbfBjGQz4OcNj2WUzov0K9SUOV-luRce5UzrhZF19BUTKB8Xzs8DMl9lCZOTmGgVes1-g5z6x7_Ga_P6IMDnyGeshEpbEPvW20ySqyPUcK7hKCTM7icE5UbnPgJ6pkuMqykuf4mcd5ujWYtOY5n4jWIImMmn0jG5gdTcKyode96YyS5-NU_a18GZ7cQ60XUmgtaT0ees0nyIZfjNgkoQnSSHYxFd-IHHUV3mNLjUiPqJbCmfWYIvfCiJ1PECQPT7KOhcC-OvkGBXZDdBFYUxFy8h33RU8kzLcIJuqwMr4tVsRm32-ELShvpgyQ8hVxG_WXRmxqwdIsS7GQWb2PDDF4WdSkVsN3v32oU-qJqJJe40QPyWrfNQsNCon1IA353e-V8F9VZ6C4OFmDB_p_lO3kzWmN-yGsPEQFDz_au0g-9lDZ_ltq0L8pAfZGoShzr3-A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame AD05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=4101489512092726&bg=!-_il-LzNAAYUOm8VNDo7ACkAdvg8Wq85rYb6HoYC5G75G30pCC0UK07irA4RZrjPK_wBv--mi6XnYQIAAABwUgAAAAFoAQcKAAeGt_mhrU8omQK_lKmYVcIjKaBHi5EPaMvrhGQptmukF86iMsxSb33Jwf5lBCQh_6wN9DgKYrS6rgiN3EWAAp4iEQhu0ghybbXcyqzLH4SQK6mRd1iWJJ2EwzdG5GKilrdkodx_PDK8GIsdBAZqE9Dxkt-EsRQ-pi21Xfzxk2TSz8TrHPxH7ZeRPfAklWktHnwT4qegwlqAFkwA1Mxy2YAh_ITayP1M2hyagTnrNvhVNx3FwGi1htqOLHDJarBNRULu89okcI9xTuHH6bb0K4yDVO1PaNHqbqrV93lXZj193Sbl6wmvD2MbtOdXhmNcbCPJjilBm7ZXxe8L8FTauhvViv4KBuru7zo_8kZyoeSPWVdozp8L2ES8ik02_iygo_GoRKSJGntneKrxTn7LgaPmt5-kjoJqCSmerUsbJbUwKah4cfTTPT6LL9271FQQllI6-R_pFSv-EauY4fFkRgjkMb-wLB8jzV3a-cPT8Yv4rBQnRtF_1nyhm8qOfgX0g1YYxLMtGQ0PxqV8Bp-2B1UNRtUhFuXc8fr9Te985xZv2pJgb-1H8evb5Covv1xNG1U0OGlPVJKJPPzkPG7I4YTqcuLTQTfSsb2xQhE6IG-ytayRMtYkfFp14wo110g00HU9tdKY57Q7VcFMGPOwXTXKtXOv4VYEWu1wV7ybaT1rLD-dwMF9tA3qOjwmplg0r2FwNaXVMg4ISVfFiQO5CiCJHZvm-xB61PfqnvZ42LoMfrnu5NZxsodMC7r8RQILQE-7lXvtK1WM882N-CZ9W_vWIOwH1DP6xWEb3lAuiWmV4jnnCwulW9JvEltBJiTpnKSYxT3scPwdmIf7ioUHV5feFQL9phc0JMcqTnPhVSgQbYKQ3k3--5CO3bjLdm-8xZwDbMsnor_GhWU6GdryzoT06hPkCAke0MXpMHwHuII_-_J5HEPghvdnmQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D5D 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZKoS2NsLY7yTCYeaoQPP0Ia4CQAAAAA4AeAEAg&bg=!k5ClkNTNAAYUOm8VNDo7ACkAdvg8WkvqJ3l_Q73KP31vih6jVGnciAExFCY0a1oLb4xvfBywNRcqswIAAABuUgAAAAJoAQcKAGkLMdWPZ0_x_gTd-8KKsScp7gNt9FQ7ylVzF_wQJv6gtexNS_KXPZicoQGT5i1gN4JWimYB--pZX1bZFDuJKuExF-csaCQIR_qQyrcB9YlZCPk6jC4rqGbHvSj82GI1DZCspH77g-t17-eZAwLDWhxcgdv1I2Lj3jVqE9DzPx-NtPSqRHF8YVhBmmBkoxP2yF-1upKZKBRm2yjgKDxSrrabNwt_RdDESL7nUD3Y1HxQOuMmXTDs2uszlvd97ifkOJMl8_n-hSCtSCT2USmzTFzzQLqLkSill6qh72vtqeR9vp6wbly-YBlNwH1Mk3GjkYZisQjDFy9vgnG2-5AX6gxotRewou6AIOTYp6RgoCNFGmCqpqgIubUZEIG1Mxpgqd8HAWej2XBy7jc4-FAVBt8ng5jjyOHysDoJeapiF3RcMRKRicCLA-otLRs7qDxmOnkzO0CWjshpzEIMdcXbPY2nt6MFRtz1ejY73MG4uAmIW-RoazCJBgeTNFkL05odT_MIQSzImYYitNoh-BWSbeOHU8UZ38nyyKJ8hLkcrMG29sjF0SNPaTporWD64RAKa75TczeTndICgYuVV7gDSGawyVHlvk9PqMDkOEkhheeUxOdE4n42Vt-iRkDb6LjgIaHTQGSAZB8sMlH0po28QG_oduFAhh4cHWAF0rG9KcZqdHiT6xQYwJ0o3KebUbk_UziyC9ilqIKC8VYBeFeQ9MdACmpJ9-Ze4H7lCFH1MqT4HZUjngY66_mL3M_KR9qsRQfCtm7HXP_MmQES5qdQ6HbMAZEzp8lloQQHz48j9-fZiFt0fcKB4w6srLK6k8qeddzjwX_BhGoykZe8irqtGdsIPZdpI2aC1ifLcK4mYbCs33YmeY_kCvpGENlgiMFOrQUDIqveRIA4zga3H1BdVpWOQ1Pd08fcQ4J4EgzNoEnmnIw6Q4qomSoMgUcmzqW9NBBglzTTXpre_Fw6snfWAaA3pDNHY_iO2lFLDZxJvRcrMdQFKAGZgsY6UUcojOCQXHLc2ez9onabdx2j9K4t2rTPjca164Ve5BF1C2AyTXzwTMXwGMTeapM-_g3OeQMni2Trjbl_j4MU2bolhzRzEzLcCs7gjlzoL-TvGT1wHSrzjUe_vxczYc0d3snmWsgFAzJYAaa4ERibTdj0q9Pg6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559094&bpp=6&bdt=210&idt=292&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3192124272842&frm=8&ife=1&pv=2&ga_vid=573015669.1661721559&ga_sid=1661721559&ga_hid=748760412&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069004%2C31064018&oid=2&pvsid=1139310003802546&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.onhdry252n6&fsb=1&dtd=306
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 039E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B76002NsLY57JCpWYoQPEqKbACQAAAAA4AeAEAg&bg=!YWKlYibNAAYUOm8VNDo7ACkAdvg8WrdzLMeMnDwBS_NC4DKNR66RWe8gCiCUtQTm31lqUnzvpvGcdgIAAABkUgAAAAJoAQcKADVfUcsdWvenvQQn4AhRDspWoSCncsCw0jEJDSPRJIJMGJ_7BgHxZ45Px_bgxkMDb-UbrJP91ZkC8OwbGvLwSSgGGDuv8ZR-8UaFj0E1V-d_QQltKNnj_RbgSxq9SzIJZ1LAXTFBuQRH1WNfo4Gn4lqSO1rXnb57evE3FH56li18IicGbgBM6IELPjEeDT-oF2_SwM1zjhiTvotbp9NCRYFuh9kRZCLfJuilC7iOUNTNnzC1RKT7ghD1e61vf-2XuRWoJyQzKj1T5fgjSjx3O48LdMl2hMaS-5ohUpd5RBLPD3Bhx2q2iqhsDkeadRQ7qlO7Om5h8IRyrja7MLnKbKtoTyki2HPp6oYcmpb1M5lmh3XvSbHnH8qpG3UfkYpbpkmwH8iDQW8NFfZiiji2weinvQBh8Kdckg1C80iHbRh88Jt40i6r3eEUeVSYEZCa8XWmfLfno4FbcEhX_jl8NJofyPDj_voMqeTj2u1NO-UerDM5RL8bAS1ynnx5HfyasLB2nC9jtqJg912vjOOIgN7ZVHkSravoZXghHh4hEoY0xVm2q9f12yT-HhzHTn5NRN8CWkS7PUaxZmv-SESAxDLpzxlcV8fYDar7O0UlkzTHDohvugLdZ82przBYTQx4XxOxVXgvGAdpn-CkS83GiPB9nvQ4Uh4WMvHGrX65GylfkU3L2uu3wkMnERhs36ArgxHz5flNUIDpIVEYmCB_Roszzl7UyHoteb-u74KNThp1msRNnQYQVNZ1bsWQvXrbQAhhuwIeEs_LJOaSscbfaxT9A-3j90wZZiBkcmP7DCPOxreX9Igd4S9o4ZYFbPYSpuojdttR6s2xegH7lXjEFGA7l4eioxWtuIOgZlqLMVEPlwM2pwjDBIvyX1Zqxv1J-LowXe8awJw7n3xdv_Sy79ZKVz-4bsePLkpcDW56zzFq6D0aANDy4wBpTIewS43GoQrfVjo6kAY0Jud-wRZpHhub-iY9L1RseslCrSxWldxYxV0YnMYiN7wgygFTnC_vqhZlRYK0vtNE3C_52wFX0Is3tYQOoCBC-oeMYLUObBOmgA_m_P5x-QUS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661721559119&bpp=12&bdt=229&idt=365&shv=r20220822&mjsv=m202208180101&ptt=5&saldr=sa&correlator=3634509533723&frm=8&ife=1&pv=2&ga_vid=1648317943.1661721559&ga_sid=1661721559&ga_hid=1884503631&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069063&oid=2&pvsid=4299496234072682&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w2twi0i8v5bv&fsb=1&dtd=379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
830bd3a65c5fa4dc529188918c4a616169f852392de329eb2f2ad97d8260e15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73244
x-xss-protection
0
expires
Sun, 28 Aug 2022 21:19:21 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9sdS1wZWktcGlhbi10YWktcmVuLWFpLWJhaS1iYWktem91LWNodW4teGlhbmctZmFuZy1jaGFuZy1qaWEuaHRtbCIsInRpbWUiOjE2NjE3MjE1NjEzMjB9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:21 GMT
server
nginx/1.14.0 (Ubuntu)
view
googleads4.g.doubleclick.net/pcs/ Frame 42AF 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusdSYOPo0eOEAIPM1blHdfrOQJ-z7lsajjA4rs0xmQjLM9g3r1lWD_gDk-_FJVu-g9nMp1zLXKaa32TPzguYyYZn38a7H5REaA4b_GZCOLa6IaHkX27ZOIWtZhfwXt71usySgQQEnidbIb7Byx5v_fSYfTyM9V7eYae07JC5eBoi05bp2s78CUFXUXmyT8jMT3NO_w9ub3dDGRu1fMRpKdZ6O4z27hsDEEs3ZzwGPMwkjfhug0cGTTMtuUd5J9VZyERSscsLrK5dWINf5q7pOYEHb3KY7Pff-JShShSegxIkOO1tbP77XL4JQLsJiTxlMf22oE9pZu-AO1-B8ZWHjVMTvxdfpq6ssHMqM9vvb06dTMbLi5LSACGq0hnW8d2PP0KCosh2yRKAWoE_6_pNb4fP3VliVLXMwDGSyTWlMKBeRoyJhpQivyFoo7dr6ha3uKhWp4Z0RttwNGwB776yijoJ4bBTBkIi3lsNH5Vj8SDTZ5f9t6H1wSgcZxA8gp7Xf00nYJ4WamvQxMsrLrQxPTAamwMBqlvP0TfH8ZYbVwroh77mcB78Rtn_RHL0pmdPE2ohQrH8njreQ4bli3fkId68GRwIGLuv9SnIj6zlLl7icpVoiHaHxbY63TIK6bAIPcJmhW2CjqFvgVueg5YdEDnU9adsB4Xy7AXiKRmeLmByJB6TF1aGh_xdj8huF5OkWu4koOsazddX-grRDg_piHF-2JNceYXbcdPUnRwTuZT04d10mMLrYPd0ZsRWJfriCM1Kxt3hBABAZNiB2DBQqm6jTKMVrWRntxvcNump97KRFlBwRq6V3VCfo37uo947TzbCpO5VIYSHp0LRShA5V_km7XugfZzpjOxGLQguqyN7qHvujivg-KlampYQEDJyUdkQA47hUoieMdx9gmOKVoJSxY4S5Tx9lHaW_tSWyQtfZJHpj_VYadTWtT3QheAMyCvbcwxdrZEdJBzaB04UVcn0E7UiH-jTWL1AwMBBDqbrEhBIrPHoPikN_q9qmuRVxWOkiWEoeNirZXNVTitdS13HBv607HLv6KYeseDiBcEGFsUpEnQz0Idz9VdtyezXv6x5XzcDZNEtdJHUS9XaFUZ1YnawebrOmUqDb66007RgPh-WgWDtmSm154kIutneTZX4PFf_hcZEkIalAwkHecgOP0uiOGcrDrjgcq6veNCqN9G6-VUM2BPDKoUZqwSE9M0kyE67tbpyU3d0kcR-aHRGSdYbqCPPZsaNUS9K7gESPn6fdFR0a3aEdxDXwhGDRxCQ&sai=AMfl-YTE-ivk4bmARShgOvUGMyU4rdg3NDWTRViuph2uGCxN9yVk6LssKU9g1ESBCoRa2krex_bqE6QeN2UG4ZzzCQJNLJ7TzHkyyN9qZYBX3dZ6CKUzvcPh5Yygj2b6I4rnCvCj_8EnmpEfTPIFMxsLmRg8Uh_HFA&sig=Cg0ArKJSzCqDdEoa9_ktEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=887&vt=11&dtpt=886&dett=2&cstd=0&cisv=r20220822.80324&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0nSlvYfY7qk9JL_uENrFX8sgVAx__vvK-HoH4hAOQMBmPNq7N61OTfb92QVMiTHejyvcSUm8rbP1Prmz9DpOQvYPRaw&cry=1&dbm_d=AKAmf-BrmKPBgdBzFOUxFqrB9wsIxC7do0MiIGtv5DeNw4rhyY02z26-LJgQSId3ID3NVyigFUkf7CACZd9uNQrPo1LPbQhUwy_cEn6GKO_Z5czvsuDIbO_VGON-ss5KkKPnoo9TI4-BMnu3hTWNqHP67h9bDmfKLUoABrr4M052HPTXldto7spdz3v7r9yiTCyD9gTdpO8VQGzrMUcAoZ2uhB6K_APZ8TA3ddsfQOoZnZAKWJj91n8YNG2-PlSnIXtLWDPWCxWO14jvejOtZPJ_-UiJl1yzVJ6hX62RCVN1TWT36EeNul58rHmOF74VDF1oYDCcvPkzCHt9AFawE2WeCSqDPJ4ebwylYjJ_HI9VKNMp-spW6VMi6v0Y9HFeRacDDsPW8PCp6S2JRcqJd8S8g95LGo-L6ZauEdxRONwczwn9sxllVmzDWAOL9WKI6POEKSjlew3v91Lam3TPbs-JFSEEuBprDkrErIwV0uhY8t7K2Zu8SpljTeLeK-G2uOLIIfMPS1NaPdua6rhHtSVQ7xixSBpxrugtOOiNB5GZSiQeBVyjFQMjvFdcNOVI9Hsc43P0jyHLhREwL_Ln9OGZryJfpvYdxMatHJViCVxY2G-xhBg1v4wBQp4jW5bs4n1RnAwa4O_kN5lEolnQAPHDGNwCSQbBsmOWhhlHD2H1pcXX7Myo6GyolISWMBHMHIM5sOTb_64esG7AFMDjm3nlHgekEo1nfz-7nYbi4f0CPNB3nFCMYNDwyMa9OGJxPz2poPfFVqdhZKxzPXPhKmk7VAeeB9g4i_JFs9O2gctN6hI31gV48rVZ_EIUrgaV7AKy3NPIb8_fKIO11hIauB2mHeylzDEIeRWOEM7yVFjZgzy80xSYhcE5P47Wmfwdq-P9C4_uSPm_EDemFo956m0T9bZ_1lMK5OGFGmfFkBDC_sebxKRde7n5WdJ5RVIxCGXGhJzUsywssdUHijgeYb5WntnPAV0irUWiSt-1ZYs-uES1axo9P417mJSZJyAKVB3avPt50AomyAR9bpD3U_K_03DHfU4HMcOoJ12OqhJ3b018F27AoZmQSsY2LHHkKEAlELmzjIPTKtpVjjcV3aGNsQoKiMNUJd9Ggz4ExDHVwxXyhtXV2QlSh8NpAp8sApzK5TLz7_aVk7fxaUXmO-y8S7ixUHAOALX8KbkkNC8_jcLbnOTj_o_dV1hcmn_6EgQAXZB9gi-ymihkfMszoyVKcw7ZWPb7F4Ee03-tN2z14A1K2OaVE6B0_jAcat8sQ_PVs5SQXVNnd7uAjp2AfmqvmhUwSP3vLbd_TTeIr_20Q0R2mSAoHGo4wNvh1DIxIdtyY01b51WCjRm-a602MHg8DQTyAEHiE5GNhog8a7K4eP3QyoxL2oN7lj2mQlpvRVy-fE4m7X30X_1WYWsO38cSf86p_BK9Al1-eiR9eksvrKlaTYRt-ozIuXYSVdy8r78ZWpWx89us1blLTaaWzXrKgwqEuZqO1PRI-Yes_tnc9V2m_YSKWIrG9OzJMVaT2zPQVX0TAftGCDETe4wYV6QMqSDXovACJ9hHtn-iynE0aBn7_j0j7RYj_EwxlB9KxJHPnmHj_FBcYd7U0ZOPE1itJGQU-amJ4UUmmpngAtSLZkd59l1zEiNhIhDjj4LNiqnEBwPHK9c1Om_knR4Vy5Yhve4UtPmpWUW1JmFeX07jv-IUgXFC4dCcIB5AwtcmjlXlIkgz0j1qzvu1UyeKAPJYJdvSYWlQA-CzCiNycc48rlYflL2cf2rdMua2Cv9z6SiC3upOf8dZ4o6MzcsAKskr6a-fsP0lD23JiAl_csqOQq9fYOyXTSnlXmKiSuzZR_9gRZ6V9DGJ68LoejRNzI6EAa2qugD255xxHr8pPfSfl6Twx0aTxRYxuSvXgvWogBYWYTT4nqYR87YsG6lu--7elaOvz2biwtnj4ioTfkeMgdI1J2oSh6eCKiHxjPpxPCNON-avBJoZ532LpuVn24Af-J3B9tb8s-0BQY5YK9DCblongNimqcxVKK5ucfds90gk5wvZ1Uanys2oMsGL5g0wna--zl9lTLiMutKY6gKzzVt2rd1OymLjjyKE_Wf6zkUNbqaN1eSxOMk78tVFDrvRf5yuVs7wlaI89NEWjSZRsgRCrZoIisKU02b3PgBTzhTvR0xv2iPMxPxheDsDiOjyqjACnyLYZ5hFBl599AdAYJVB1QTG_fEjzVYIhrgsboaTlO9Ucp1wrFhryHtR67MzdqBrLgNJEh2Xli429Eyqq6cnh_vkF7IaUmRp-5ZPJw8a6cpPrScc9LQGNj7nRZ72nWRrOlfUSroxkz1dOhqliYBoQ4SdbbuH7dEk1bIGshmcjq-g10UjJ6pcTk_YmgXe-aOSmlYAfyns36KN9Mx_5UV7AhjkU48Kfd060t940wpqVgqSF5c3vUxiQog8wYOdWb3x8ZTtkK3ea-OpUCGGeKCElmrqx4_HY5dDYRQ4p08ydcfh43fa2Pjd93i4IZSn9DlQ8HzO6QrpYZzF9YVYIIEQPc42BoJh9lyYGa2LGxO7pIvDhOkXbIE2Fswe0zGYCeO4B1ZTIrKWMuEDM3rpJTbSe-dWBzjMmWUVuIXFTxClDxsHha1RL17xCCEVbPJiJfVR8j41XbxZ7Hb8Skf0V_FV5aGbhrjNKwDIjeKIiZbi5EZq5wK0QZxdmQ2JXYI-MAeUKnykqWzj_EyAdckZMNtVCG01MKFANRnx6tp1U3SDm8qsAPGynbRJVAcKtZW_D4PLoMUJnXRAK7_ywU6EiTIzgM44xJe6asOyFYXcZIWPvlt5rrJfipQElPCNvdfvQ9tk3YJm9xhA9PannzhN_BdePaOLaYttPIOWkMwXxZZbH5rUjUCnllFQyGaJJs4CFzXtXVLz800oUloBbkqkSRsIVufdQ9IFJpH_GWDAEwisLB0hPWE1G7-tkdLMAdyL5088gfuTDHx8wipMLTgxtiahddwTL-0Ols7y02q82_qGfBam6qJg-1beSlszU9HHixdHjoieL0Kq7cRQ396QmwSTL5NOwhXpkV_jYqDE_vGjnAYj7ui6NtEnxgkDtErH45cw4RlNiMpwDg-U2c8AoxaMdnMzZpRvn1a1ZeA5RsGNHXgC1bL7-NmGDPTXU0NvKF2FIk9e2g&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 98C7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKHj1xA1T-HsoMeNMwObJHeNaXLLFMQd8FdwBSX9ny2s_6Aejbp7_2-XSr5AD1EU7MXnzBl3AoGG8LrnPylDhqeU5Fw3a02x4IwuGskJXp0BI8ymwYl5n75YirHfNpI90QeqkV08DkItaFuqPMYopxROgZ3mU5kdTia80C7rGNVBfkuoB1dEcOsjcjCyD4OZVtLQ0uNbsZvjVbTwfwhbckK20Gbb8KimPWuydIBzkFpfspIrwJspna3JKYONqQEji8IQOri-jOn6uculKwN6Xz10uOQ7tPAN1v4Oly1x6rqurzBn38Sk9g2sOjNbLkmcxDQCHjbnZ47K1uQMUhnZnsLkedTMVoz27TQ0Si5utzr1iL3-7ZtGxXe4KsIXeAnBSlgw-fJjWty1bDot8a5jB5rsPIfFkz0R6anP0pYiCwyS_c7byxpakANdhaYQe5MPTkaSdlFZTAUK0pWgN0xOh_deu9lpJC8bcs9GftMMqCmmj6YWtR7bwFZ-XpTA9M3BaxAnqj-_P8-xAt1YyuENh2dQmq6N2rUsiTahPkSqTh8vy8CDMk_NUV-IK9xgPxzhK7OUGdqqnUL9qgJZwJiM72H8chSrXUs5AskiO9DfnSPdXXoK4DBYhv0vMcybYnn4KzRW4AgeSpVQwKPr3RIGFO2u_sRHC5rLDthUk3AGvihNPmAYyOycsjO4a3lpog6eogphy64xXj93ZmwB4CacffivrTfnbia22Vl6076NCyFNktioEPcbIFjRi1OevvN2YgUkZyXeIoxLz6SDNlfhnyPhFYPTZrhe-39PRGkaGzrNHihSQtXpiBsDkmtghj4-tZgu0Q4nxD0U4e9iBvPbTWOKK5keMdLuM0xIaSF-kU3vbGoxx7bCIdb0MKzVfw9_as9ymjQucwEkNnj3iWBA6JBnu-Ddoz15VmslMycaVj3P1T1bnltPh9tCORMmyw3HxZzTsoygwzo6nGB9h4ZV3cuLZs7h9cVhQ7wC8F2RdSO40X45hCwnXU2rhjCwyWjm8zDPw0erOFDUFrLa6_C5-4M3ctxItP4Z4MbEvFhqpSegQgPMwkURB6q5CFCyGhp3iiUNkOWAf7T8BnyteJJ1nU6m1xCUleFJlK946XNHpLtm0IuXvoDULULBzGmh0vNe18C0fPjliPhB8gacmpKnDwFkviNLc4sgTbVRro-PcMSDBwJeCa4ZCvx0UjRQpoCvpQv5tmU3DoJA7HGubs6uT97ZBneyGTcRt3HSPxszAQ3iEitZWRi8p78cehhshXkKBr&sai=AMfl-YSYhT9ay0yOmS6G34JtxCT820hPhSOoatbg7wZWan1l4egA4u-YxWAyGrmjozFfhevbO6KgsB4x5UKRsr-_vizL_jffGOVfqMbBky-_K-9Sm61RQgLrrxg7m4vEwBPLiNArWsR9zebvyssKJkTiTGqgGTtHzg&sig=Cg0ArKJSzGYgGe2tclqzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=870&vt=11&dtpt=869&dett=2&cstd=0&cisv=r20220822.74484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B80Bq9J9armd6KHu-hoq43-EkBDtt89_BzLGmPZNiRO8TJx4eq3T-WOYo4S3DVZ5zyNV9IxEL0FJqyAjuscsYK_mk0Bg&cry=1&dbm_d=AKAmf-AbgwV3lFAOyxz1BUig3EbhwJlKf7_RZkFoh9BhITEpF6o3IsucUlGprlo_DJMMUeu0PIofM8SNsTbqlbycjvuvguLfCyqzHQrlpjVQYmG0xXct2zB9usooIjvSB-23gsEaaKJpbTHBNvLC96_PQON7ZkZ_i6jn2G2oDrZLGZvPTi8IG70R8nAHeEPVR7s9f8-ESpAeaLCYtqhrtdMguQuAxtirlBnCripUHexZW-NI92w8yyRa5mi1GdEIgQD9EB6pB_S5qz3GxWvt0pLrRCPZJ33id4B3uIezfG1uTsMCxSCduOU2VkH-6G8lvZUhagDYyV2JEsCMJbPCKIXFObEt5CLC1HSs5KKis1s3HP1Ry3SCegRGXn3ouDcH4_gvp5bKDFlluKUciwEfV9wg7SUMMfUXHI2of8lghFJa3x2aJdXfCVYaYWSJSFLQHp2e7X2RqhhrAtpX2Jdz38LhTOMkfkgdC54KsdD5yHvXyMr6d7mKfHs7bOe_ddSG8WMFlbO2zTcTnpfpW-CarvbnFa3vFzxUgrCIOJVfF9Ezja57lpwgH1DAyIdyxV3lV3ZLteBCuAPEv74Cc9KusZbkJzpgpQOHOLpeBVrFcPB1RwdJCrkKHJOGGrVGNaOcThTDnOVTP4vmLK5wnTBv54vfcb0rsLZjmBx1TfsdjtIaEhtMAf1AUn56si_oXLUq4GRFW4AJjTgC-EJ8HL-e334a-fF6ye1RYgGNjJt3V36_6N7FB4vuzvEubBy0WK2cTQAqel2XjR0wf2aRBvQiFF5YY6Vv_DLPAqTx6lK7fvYPfxAJ8K4A2colJqAFd01fq1trlEBklUIqlng8zyB5rnGrewKH6gjta6XTzCjMv6ohr566S5jP2HkpCwJBX_L76WoejhmbMkOkg7oflBHJ2pBXOe_u_ThbxLX1u4LFV9vPMJu_dz0H_FgHGyitHfLQ8078u7pO9vAC7fMruuaX2nYfdOmflj6cJZW87EX6WZ7uTVcjFwcr3C8GAxkzu0t6ppm2_c8_ZhGhHYM54oWelTePiUCl9Z6yRvO39te4G58ehWSa0bUPtCtHV9b_dpKxPZ5kgKWEt8zupe1_e_HCoHuBY53FEZuJ7QH0WJI5D0IGz2vbMSq1dyaLe7dkstrs5uTQe30nJ40Fi2shYlaLD9Q6CFErdHZQFHXpi-6XGFZcX2Jl__-vFUngjrc6eqUEYMVdQqh0XvJJZOEjk47fZHNPPHpuGJi4kbRs5hKPYeVm1i7LO3e-qP1WUjjf9DX2h7cRjPEhb5_61C2hZOq2ORbt54Mwi14C4qwom8rW3YS_QaN4TnETE44H5o1E1XNbGnm2KZ5z1TpnKhtJL9NwL5_i8PeYskzjT5xQaCStbE_Bi8Ve-YtgYK6svp9-4SRfx7NjmG58wUTKi2jKFM9VhrGSSyBryrDKHdg9VublvyumBEFyHzh8EYRtH3BofaXQIAP08uE6relw7qYTscHREYqjX7uZ4i8zDZE7L-zvpngTCc2ZIC91pY71gGl6P5TwhAL_5mu8sij-4-o8-1k1DAesFeJhIxG_-pVbU_17T1oM0Kmsvx9Gpwtll0IKivbYiDmwpdix1S6wke7nz6-KQT9jUbAMkL59qGCtImzioAB_c09UnFVbiOIPBqXHF7p0NjND0dz_MA1BxVLplTy-im1PPM4gXf1uGZJ24PNga-oKX7SD4KnGO97M3ozLbJ3A_jCIkxrU40b8yfgsC1olfp0_n20rWbQKDt6M4emyhYhe1DbAGw0yx_dtofnJXMsdPMGdRXLARB5CFHDSjXX-cF4O1p8iCff-eoM2AuhmdF_Oo3T5WrLbnwDBdVmhxKphu-Kb8ynz_pgAte3WKNI-0HgAlWEZArltxFaitGlYAoWCpz0XXwl2c62xgHRoe_xoCTFIv0DavzUEtL4mDiSR26I0ruWLyItEwONAFbkMxhfS8ufyrrT9GUnGk71vA8yGvQhFTAKQqNwUKRl-mYbLt7H9knL5Q9jRlxW7NlkUKMIrtMTYbrLSEkw91hkmnD-42Kc6axIxKTf9HobNIBW91zqtUYSuhOk6Rwe-XY3tyLYsYG22hHf_lXKGUUcYLpsMvnn7JAv_md3Y0LoasVsC8lCI3jqI3KAlIKdbsCj7rRwFfIVGyt4AiEukRB53ABJ-gdK-g7sxTp030whMJ0kxqw97zHEl5mqHXNXufvcah0bWUrDgD5mHRATS-InSQ937dZIgCEZw1SLvKM_bbfzV3oIdPwn42Le7UgkteuwAfh1BirS9yUUsdnJwYyP0wXDwTMPQ_VDhkEqSV3YhOTZs3ZAe-k8sG7cgo6hT09L7KRbwkxkwPKAMQz675B68FFNn54E4vbv4IZacIegNuU10dt_MKmexlKGDYWRqAgdUvbxkLEsrgxlb2oHRRo-tfpVKnVsSADrlb5oIejGqMRwJzl3ew-LUblTCIsBjadwJCcBhnTqI35xTUwC2h0OIcaLv7-I23iJ2R-H6eEVMITxqalfx0rY-cqg3e0NNmgookXtXpl4516JHBv8csQqyxlHKewymunYtKSwmLI81Bg1ZF2NXQw8jueeGXvg530tfbyFdyuaid-nRj_PjsffN9RHoLNFLWQkmM_eCtk25rEcVu4H8CkoMaoj-IStXzaPQsuGZUncdo4BVNPGPDlIEwfNRTNc86QGSWJ0_5FyRm7ZnDev3FOfPpYJxN6gwrPvWcC0kdK7mzFfAwGycOIHaZOd0NiumvbPHQWJg1sU3JZuDOJrxy22NCjU-KNJirJ9mPLDsJ5BQxpmx4zDCGkyZgTmsXCFx8rf7CKdEMC0dyM4JjNeLQ16YJ__6J-o_oS3uV5bMAAfO-mPWv_65Q26zn5gUnFU9XJwOQN46Iu4Q9YIvPxN25kIaVZZvq6bMPp7m8hn8DhkfOIPQQYlAxwxEdWGGiMlMn_fY4yhL2maZfBxhEaE_Au7Mz3ubsOFTKHpFBzJRETdz7cnBxO3vLcTw_JZZdC-DlMr-FTx-PEQpNanlBs7ur7lqTVP4dkkBoGD_Ye-np_g1xEgZ4DP53FpOb57jusbOiIzMiew49kpByD0r4Xp7SWlLfvpHhHiE9CpPEYCT7ZCiPK5sZjL2OYOUiev0_ide4MY2IcOybapAFsFlcFwVlWwQo8tmkw&cid=CAASEuRoD-Vxj5Q2gK7HUSJhNn3mKw&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
visit.js
tps.doubleverify.com/ Frame 3DF8 		724 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=586&ttfrms=27&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau&srcurlD=2&aUrlD=0&ssl=https:&dfs=1038&ddur=555&uid=1661721561606663&jsCallback=dvCallback_1661721561606520&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=2986&tgjsver=2986&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14006-1%26adk%3D3314916115%26adf%3D3653020617%26pi%3Dt.ma~as.3006%252F14006-1%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1661721559094%26bpp%3D6%26bdt%3D210%26idt%3D292%26shv%3Dr20220822%26mjsv%3Dm202208180101%26ptt%3D5%26saldr%3Dsa%26correlator%3D3192124272842%26frm%3D8%26ife%3D1%26pv%3D2%26ga_vid%3D573015669.1661721559%26ga_sid%3D1661721559%26ga_hid%3D748760412%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D336%26ish%3D280%26ifk%3D3719853736%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C44759837%252C31069004%252C31064018%26oid%3D2%26pvsid%3D1139310003802546%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.onhdry252n6%26fsb%3D1%26dtd%3D306&fcifrms=5&brh=2&sdf=2&dvp_epl=309&noc=4&nav_pltfrm=Win32&ctx=26261893&cmp=28204324&sid=8207291&plc=342690157&crt=175564220&btreg=534647659&btadsrv=doubleclick&adsrv=1&advid=12197087&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=1820587167.6817615&dvp_tukv=4289225527.5716786&dvp_uuid=57612976788.27843&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=981553766378
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2986.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2c66c520d3192a771af6d41215a228381c2b6cb5ec7e44a51d748144edfee798

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
08/27/2022 21:19:23
visit.js
tps.doubleverify.com/ Frame 95A1 		724 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=723&ttfrms=8&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTau25I%5D9%40%3D%3E6D%3E%3A%3F5%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau&srcurlD=2&aUrlD=0&ssl=https:&dfs=1013&ddur=514&uid=1661721561758438&jsCallback=dvCallback_1661721561758571&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=2986&tgjsver=2986&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4485239425924787%26output%3Dhtml%26h%3D280%26slotname%3D3006%252F14006-1%26adk%3D3314916115%26adf%3D3653020616%26pi%3Dt.ma~as.3006%252F14006-1%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1661721559119%26bpp%3D12%26bdt%3D229%26idt%3D365%26shv%3Dr20220822%26mjsv%3Dm202208180101%26ptt%3D5%26saldr%3Dsa%26correlator%3D3634509533723%26frm%3D8%26ife%3D1%26pv%3D2%26ga_vid%3D1648317943.1661721559%26ga_sid%3D1661721559%26ga_hid%3D1884503631%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D336%26ish%3D280%26ifk%3D3719853736%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C44760911%252C31069063%26oid%3D2%26pvsid%3D4299496234072682%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C336%252C280%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.w2twi0i8v5bv%26fsb%3D1%26dtd%3D379&fcifrms=5&brh=2&sdf=2&dvp_epl=309&noc=4&nav_pltfrm=Win32&ctx=26261893&cmp=28204324&sid=8207291&plc=342690157&crt=175564220&btreg=534647659&btadsrv=doubleclick&adsrv=1&advid=12197087&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=363203193.45412797&dvp_tukv=2376788863.3110375&dvp_uuid=871018791696.1359&dvp_strhd=0.09999847412109375&dvpx_strhd=0.09999847412109375&dvp_tuid=903811163591
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2986.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
14aa6cd910470c45e7bef34a3d30697ac933bb897720960ae3a7972ed1bf1e50

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
08/27/2022 21:19:23
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1703123161682811&correlator=392779375226326&eid=31068457%2C31069104&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D4bf5512d5143586a-22bf8ac6d8d500b6%3AT%3D1661721558%3ART%3D1661721558%3AS%3DALNI_MYqcYi3QtJIZAAD-dXmMQViP1YQ3w&gpic=UID%3D0000092e96e42a41%3AT%3D1661721558%3ART%3D1661721558%3AS%3DALNI_MaNFV8HrbzSIXvLlBcdiTUBHrMkww&arp=1&abxe=1&dt=1661721561903&lmt=1661721561&dlt=1661721554800&idt=4266&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=31152529.1661721562&ga_sid=1661721562&ga_hid=5149&ga_fc=false&ga_cid=amp-7CyGMWah7TnXWr9O9EIxJQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
2a86660bfa468d88b3d443f578874c69527e0b7f9124604d39c167ac37b61460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25634
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B89 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:22 GMT
expires
Mon, 28 Aug 2023 21:19:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:22 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Aug 2022 21:19:22 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8o0&_p=5149&cid=31152529.1661721562&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661721562&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&dt=%E9%99%B8%E9%85%8D%E7%AF%87%EF%BC%8D%E8%87%BA%E4%BA%BA%E6%84%9B%E6%8B%9C%E6%8B%9C%E8%B5%B0%E6%98%A5%20%E5%83%8F%E6%94%BE%E9%95%B7%E5%81%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E07 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:22 GMT
expires
Mon, 28 Aug 2023 21:19:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49A3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:22 GMT
expires
Mon, 28 Aug 2023 21:19:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame C976 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
318192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 04:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 25 Aug 2023 04:56:10 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame C976 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
156268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Sat, 27 Aug 2022 01:54:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Aug 2023 01:54:54 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame C976 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
318192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Thu, 25 Aug 2022 04:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 25 Aug 2023 04:56:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame C976 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
168303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 22:34:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 22:34:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame C976 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
168226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Fri, 26 Aug 2022 22:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Aug 2023 22:35:36 GMT
truncated
/ Frame C976 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9597416f5c3f7d86e624826db697705d7db39b22e19b19cf2ee15a29d5b69401

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4319624902604913062
tpc.googlesyndication.com/simgad/ Frame C976 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4319624902604913062?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn-OqnPpSTdKqpLnWNux8JQM1lAQA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
06862d2bc2da67d85f660972bbb8cae05483b97c21ef9bfc1f44d675a8dfc78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:22 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15121
x-xss-protection
0
last-modified
Thu, 26 May 2022 04:59:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 28 Aug 2023 21:19:22 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C976 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
age
16517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Mon, 29 Aug 2022 16:44:05 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C976 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 03:50:19 GMT
x-content-type-options
nosniff
server
cafe
age
62943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 29 Aug 2022 03:50:19 GMT
l
www.google.com/ads/measurement/ Frame C976 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-oPUAih4y_u9mS5gk8B98619YU4iDpA82ve8ArFdiaLwFZ6DySF1Q_umCATkZmdA2P1KpGCJ_nvOMusDv1GjKvH4t9g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C976 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjVQO2tsLY5HhAvXQyAOahL6wCKuC_9xr6ZjD6oMQrJPG2LQJEAEguoTAM2ClwKOApAGgAYaxjsoDyAECqQK5mExcgCSnPuACAKgDAcgDCKoEsAJP0CoGwFqsP9TCq2gZ37wHJ8vO65FNPLr6osVI-kHdF7j9hVY7zUMu0xjNfH5rqGFzrvHvBzIINf-xqDLZXv-xpcvkaP_EDiPbgsWDiBayi3Gqcm7nujj7ITCA7c0xbglVDXKbGhUJb0ZHu3tDSBl8LmI1lmKr93Z2xDEC6JiLqZjRCV3GqUo4T9igsmwMyYc0dOwTa4j2DYXMZKYVfLqVxz60ySQR99GdAY45iLiyFL99Kff2SMOTjzntTeLC1SXkCaS_iMxjKJN7SmuNrvEC8Ac9EhsAxOpjUdII66iTcYCyls1b8Pa_0EXDvdKOygc7rhfe9LSB4DDacFFZyV_tXBGhsSM3i-VvXP-uK4HGyBXCMv6pQIibG5Kc6ot2jQdtmre5lfzY3OgG0YkjKCPWwATx9OiIiQTgBAGgBgKAB77G5EKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC52wrSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=4ebryLOJ7P0&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Aug 2022 21:19:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 42AF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6wX9J0uKjXLcbFWGoFn-bBk5Z8m8XhNc4Fee1R0UA3PzsBrU4lhkEmjT5n44euQgDRKrjr5dNLb7MtMFNGrLlGCch5GiDazqN5pK5lLaWfjMR0ej3TS_JxaVykgykMmnsiwM&sai=AMfl-YQyt6Uf418j-sRDCIADeUF0G7blpsFGev5p7ohX3C1RMVahGwIGH6R7wEdIc4e2hD29q3Zb_M51TtgE6moc_ZVzDqaQipeko2o&sig=Cg0ArKJSzJ6CW5KOx7IHEAE&cid=CAASEuRoI5BYTYP_3-VE9M_gWe5GGA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661721559402&rpt=2582&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2504 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXqvW_xcuLkIJT_Y4T05h7mm19N6mbcgEeNaZNTlBvxZet0fDGxzojfNJBaHVDo8nDgSEIXaeTBF6xeNaQhXEqRVKjA8A
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3E07 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Agg1mXwiEZkO3PUPO1RMmR7F5DRimjXY-QDXE8WEpjv6VK5taP9cPC4lirpX7yJxfq21IKkPvybGfggdiiXuqu3Tp6AA&cry=1&dbm_d=AKAmf-ACI52tQZXLt_9KKt9710EewdcnvEIXKEH7LppbvxgS2I-zu2LsSNYF0PUUHgYOJOn47gLpP1y0s_jGxMMwhlaJfdVRPWM8xmdB3CMEWhgfekFiOREyBxqqrY3snDAGLUusAKpdadx3V_qQQYIWal8xG6_gItp_SFUSfLm6u08sf5ak0F4d5z_SZX53u6iSpjg09BNUx4-ZfogS67X3tNYukf2wCMJgIIAmjYaR9cmPPQ7Tsxvww4RB9ajche1oUuvgxdB9zEcyUu8xsNW75wkiK72WlzLGofYSElad8-gMivi-ta63CCKDg2sAeCQ-oYucc-oloTO_89QaRu3JhuY-WYixY55P5q6R7USG8ttaNdTCsKd6F8cBrVUMZ7Am_OT4ZKWFbCkdN81YNGSK0fZTh3hda2_xhTBRSl6Z-FHMajwAZM5-HwP5bk7RCLRnAZ9XWZfBVHB39ayKey2xVYTsvGzcuZYW_xnGpbCAZWTxGcSd2tBd9qQuAF3O64AzX_pI4WyIMnF6Z9lcjxKIP2t6K_i6GFWc-JeHwkspPK9vtP8vkbkDBKB3oxVYOyNy27-UTprDSRBIuvCEtF31WJPQIrorWaDjaf5Gaa-VuR5vTx7SVHZlVSko7GI9e1uKnM3bMeu8uwDQN8rFw6_ArkP9_fS16iCFceoXkxfJ6X63AfTKFPV_V-aTic3H9K_6yyOIbl0bdGfrYMZsEyfOiSu6LSSITFTn7oujepRS7IH3mgNR8MB3g6cDBpU9nnuvxMrLw8_qDGAcY7NfSH7H9t9rAadErvSnbCIehwXuKMpI-LoE8DesWmGsZwKNAkIsVnROR8epP0PIQleh9iWky9KlgyhR7VuOauCCss7Qc6YMnz4RqFQ_Nb7EZ1BULyoGz2h0Q3_sCcF0X9XCShOh6NyN_S2iUX0VNNROzZ9oJXEm9VvxHnNehNJHbriPp_b-y62UNbR91zKjmSFpayZs2VuuAkIgRprFe3xNZGZFnoZ9MaOHUPbMf2Fp2phMNVF1_tjTclsrNDarkLNAMslsDVAWvwWYWn5mvbj6nXPWhwUqJr98U0kGJKmqnnDdDNhqZtQ36fOOyjF0oBu_GnJubbt8LQQ89SgrYlRT6vGFBJX8MnL9lwcgltvWbGhsLnBbViNCb9al_xcaEsj357TM59P8yhaJKRziSu5MIrdgNcKmAR9WfK9zcGfJMdUEMftIlbwJyPc2wgkq1SsASW---5rBwwmYasLweEwfjcCgJFcRWcPROQdgGggfS6VWn5Bi5HvDE8dw30xSuZ64jJ48T6bMsGd0sfQWPM8jdzvY55MYlMPq6mfFIO53iAb_MmvIA05Vz8E4MNbBxY-spr_a5yZ5PcpJA6q7GujkyV8ncQg0KdZMTic9FrFgt0vIp2FIW2L9_nzYyJV-C53CzGItIEG_DLBaOTiBrw3lCxpLheOr7-5TRHceQ2lb9cpu0CpRR2D0nL5P5bpyu02C6K93iALe8G-46TT52zW6eYeuXsl9MlkJHIkVwzmewq8u-75uwCwe1Fq_HWXvNf23O_D6h1jzfJu_jpcKe2u3zn9hgk05nB57toeyQPW8yTBjlqYH-uhGniwOVQ8EiMUY1TzHS_-XjH4MrmeOwVF1lxdebSIfLmQOB99Xmteentre5b2wr7n7qnIy_hAv67YH48-2lcNAZ45bJxQu--ZxbGESGk01gxyaPJbRKzYytd3MhlSl4BoN6CRnwx6D8g97PUXchXa-3LwZoNfQIYo0oL_Ucb9ycdWjelTj008QXCX4HZo6eFOSRctTgI5QJpKl4uBB2wIj22dkg-bnvQMVhyw_73XY-ltL0Xucr7TZTHhFXi4RnqOXzH9tvmxE2d1Zirkgl0QdxmAxq6i9dtdLUcOsUxxrniHh9htmeFjIY3DXfx4mLg0LrjE6vs76cejQddo6seeivT2AgKA74d-zmbY8LE2zePaiF1D3GQ_6Tlty5aN2JTs2mDAuvErs0VkZP_ARLNeIAfwamILHacWrd7kJY8I4rxqN7zFAuy6nRYdDDdSOy7OA5k1Y5A0gN78uJhpzww91P3WK380lBKzHSN9kQLcQf1KTCnuZoOWY1f5tMvyV31g6UGmK9tT1cmvhsKZVgM_pWNp3al6hnyFjm0vWbdpv7vDTwQfBIAkqxUFCTyBPVxPrlM1jj_Juk1Q6F9HEILF1hvepfAKV_0M4nc8cJ1pPBd5pknoAVqQkCPoccWfn2tdez0H2q3rQ0Qg5zJ2P0kWMVIBDqMvWaBblz2wqX6yiAjtojNZRENJp1_MEkp1hP3mFg1b7Sph0DBob76W17u9p2Asgm_Cj7FtxdmvgnxE0MX30UmKxyOxQ80xA_EQCFvjZKdsWgvchfP62MKbScektHE6jVtD_uTniIOGc0mln5hanh0fQtN76yl4nnpiytj4fJXLAz6G0NlxQvoami4hXxsxDrDRxh6qDF7sYoBvLPGZYC5_FH8Nj573gsfFGGlbQOMhyONt4WR4HnIe44fgYNB_Wk190zDTsodD7wbw62EfgC-6bi8OP0_oYHvxJm2g7uaNO9VSwylQVY4faNb3P2xzeo2jGhCjNcrJand8wWdN9G37oNbhU4DMSluPAta14vZmwoTKnEnsQb-B_uoGoHk2CCgU-icOuPp2StTeWekdwwuE90hFpS9gho8h5ejvZXsrc4xXTDZADOji9cttkI4eIZxt-MmHY60mSQm67Z2y014s66WikpZFimGpF6wVmPlH6kjkVWsZObELPwreRlEkJglejrpawbPxmex5fhuPAR8M6y5oaWtCMiUbxzyrmaIYEaJIskcP48aQVucQk6FIZgTouArMklgH_aLSThL0zZY5WTaOQUFYRUUA0vDOn9FpKPQ9tbdvEP9p7rsuJ2tlIJt2ZnaLHQewZIomdm5J42gAHJ7KDT4lZjUavRjErOJwSUHC9tx-TwVOcpwX8iRhtMDk2FW_g9eioZr58UVS80CnJ9hhsL_ZdIHwpGo9Ntxh4EWBDGC38JgBFcNaU0LJniuOkwEbsfZg8-ZBjOXAoJmYYDSEK-dSIMllnlE9zKucKqvmeiVw_U0ZnIW2ANwhoSm8AE_8NtBXz0PlwmQEByrROq-8IGDOCk_vA252ep4C2bQCypCnvMKcER3_xAy86vKjggm9jdytG-M18nE4ytkG2jVnGJKSe3bGsIljdRzR0-aa4qnfxWQnCcfDOVQJrUQ&cid=CAASJORodyFabnU5M-vMKFc8a3aYSnA9rRAle823Xcgiy3cuy5mDVw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
7165e1b780f7e3f7da7a2404aa85d81e01950cb5fb40b604873785624fe2379c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E07 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJrGg8QQZemapZVZsP1NUX0KAqJav9dxCth0nHt2E1HIMiHvjSltJ4s871fCWyXW0U_6zb_r83tjM8o3wayqIbMHzolurMgeU2sbKvj8SIeor02Tc
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3E07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:56:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3E07 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:18:19 GMT
l
www.google.com/ads/measurement/ Frame 3E07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd1QH58KnMqGSy5sZMzKTtRVVCM7GU9VVs0AZWIQ6hsCzZ5RP_yx4Ts3t7IgXGFHzbEkFyDKFuML7x3l_HrDs3smMv5w
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E07 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 855B 		342 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW3uLoT-UHRU3p5gj5W4nSFvvwxATWWmhWG7rsvToDf1XbGtSayI_VXJANIQfobDT9qahN0G0qG-XX_4WJSoicxvrdGKw
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 49A3 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4KSE21HuL-J0NrSvRY-vgmdGw8qolBVyFmIIeJ8s6P117WJWmsvwVhWua2ER9h4k9PnfSAEoJOyV9BBdY29zTYBAlhQ&cry=1&dbm_d=AKAmf-DVz7QQOE5JiTyDn-iA2jmckdWY74MGel8ETrWvfhsOT4Gg2Q0scUGc8KQfRKmMB6ByzDFUxpDPeXLvNenCEpXIhiN8bVUGumKdHjwCJeVqofj8HOgCHdZH5gFjrQDc_n9Se-5xPlRPgAI8BF3hYA7YY5rb3qWNFGX3W_IHVRgGuc4yZAVWzpI7Us5VMCzRmgA8fxVxitYisW3ZhjK3_GYmxMdP8JrYjAfjGST41MfYU0DaLTDDnqCrrF7x70_W_NSZTYxAebkwFKH32vT0zh1Xhr_Mqzu_GvtT95TGF_lbEUnyLMds1WE-by-FUaSdeMsEsTB8_J5WUCFN7XRd_91X3Ck06kjLIDklJrWvJMTooWZHvVKoTlClScVSbiApgjkrU-UVKe3AXF626YJ_DnDNlsmXwG9smEjbH9yzgWGWwJcsbj7Q3ASlJLHksxmjdtX-vKW7k71M9ZSS49Nrm9D_oDmLHFZJ58adoVIBB6d7ufC844u450eJgvlplk9BXoo-P9Ajo51JMMu6x_qUtrrVoJUGkcrce_YK3U-voIirT4e1SHla_OevK7SENf31fkNY3FeT1rHMFoUEn6Y142CNV3okeIyMVfUr7gm2Y-cGpH7SW6f17nC1bk6mFQOKCJUs8QuqS9jT7NPkq6-6JgpXxVobJTJSU1ooZwJSrgxsqUc4033CtQXtWfgMjPlCMoTxu_yM-4Z6jzdBClHkuBsJIY9V07ZNLbcKmGipkuek8_UfDBaTd0f6b8meO-LF1xU3-IR3iQBw-iLDRAPbdZOAI0xYEfvQpJuatuPKxSDdZg06hY8I7Zb6NPsVvImW2SWOnijq1PR0-Oo8b3_C4FLHnIOWUsApQyTZ7pEyQANxK_seJYMFsDr_anu-oc6Ws8Ihq7Glt02KqHZn8MIaiNQWO9Y2SYMNqptQnZBUGMxhOrz_FimPRw3mJKkkKgIskKEV8StCHuoxSHGAIgy08HmhpRJcZ5PitqrpMfK3Zng1vMmdW2jAc5TW3mRCAPwYQtUEdJaDClQPbsJE1uLCbiLuXL81qTrR0xr-HwSyqizYyRtgILOC1UTE56t3YE_dRMC0Lt2alrzPZ8Xve92KiTvb0ncRnAP1wjg44Vv4ZRuV9w5pA2aIFgrW5YPJYwYQbx0qHqA40jEXs0AVlMD-xbDAVRB7y-XST_n-rwoS_naW7bB_-RUWEv3kkfA7xFOLw1TddzwJgbRmJHkTspEjJtDW9vhYqhiWOHSaWpm3knl4UN7Icci2Ekgjc2DhEMd7yf5_vjHvZKkJUO08BE6XP6xu9ywpk3Ble3fDJHWs3m9IKV9krc_GFtiT39mrxrG7e8SpT_NZuTEwPl01aldg0BWwzDYjLXDcsyLXR1r2uJWbe65KLjXL9BLFFNfAWwjfQMTJ87jUNtN_ETxAuO9k95mNXAxS2CUO08ra2NsW7fuU9PTJV5VPxOMFWU5-zpGzJpinxaWGUqkwmlJpZ496RnKvNMd_Uq0mflyizBj4dk018C8K5p-0OOzdHqtP01QYEq_8-r2UpBXkrXqElNqC7JKAbnbyWP6aRzXeqlGTgyKd1W0xZCU43cXKOpMVnMiiRxyzyNaEwmNJtohZMa1Ubp2DBMdq2aAqBxHO5q9EUD2i_DtCbXBlyKbg6hsPeAz7PbFFvO7HDzijnEWzqCb-a3TzVFQoICNuGcYVITPbN-VdW6AXSY4THwwcDKgXzeI_xseDa0mgCxkea-ljh90sUonDLypMo5-DTo7691Uqq7SMAYFEip0trUsch4GrTv-7CGa93XBAXL3OhyLpx5ID9ncRG7RK2Hyi437NwNkSwzffjQfBmm5UKs22yr-XZ5gpsW9-Jtl901KTdWYgxIK_BjeMQIEfp2wLz2Elnq6j-Ic0Q1R9II7qOoE_G9Sp-AiiKP39ASWPhOdT6XfyVxP81qnN5CikXu-OXKAlD-8HA4V5KzFv4bCAJH1YO9HUw7Tc6kBwb0xTDycavtudZ9JsbfVDXizx9g9fcIhI0hU2FSS34X-NQag4NwhOE8QkzYhvXbmdFxHp_wIbGPAuCB1v7DJehCt8D-obLp1YeLUEGHT7Gzn28FT_JYQ4Cnun2BZ7IV9VJl_fuvKyt3OjB5SL3xIISUpN1VzaIsns138MvlT1vyLohqWfMniVJxgTSIKWGzmjfALBrKERTLHL47s8uGKCTyuYOyHyCEKeQfsVBsWKr_oJ9-cZqm5-GMkJ6sWmtmWGYWD2NAixJrEU0joN269EOAmxzTLeX20c0JELA7BGQuPI5pcvqVG6Zc5CaYIMRm3v0VbDb7kGw1L8yGCJHqMOB67CTk9R-mNfyrA-k9ma1FXq3PubxCoPDDgjTqu9ffyemogeKv0VtpxxdRX8K8fvfKwx8ngESS3SRdpmWqFzziBGUt3qLrL1p5dHDfla_7utQfaf_nJxOSXb_elVvpVmBpqgSqWibvY1x5ndU19iw33-L79zZDp9rNUVqV1-Mms2xMTQU6pWCH28CNKYTREGbVj2yIP1RFXHCpHxhBsdyi-q07QoE8njp-eb4rhvyO3kMOPIj_lKv4tpEhgrsdD-rEU9mGUZSXUId413iNDVk7BIpDdoCmGPcHEL-KpbRgP_UrMNMEpBMEWJLkA0jv8LktYgfgmQexXbwjxyF0y34a-xoTKflHVqxWFt_NQz84pGfO58Np4Y7jCq2EQ53SoxxCJgDPi2KFOJzxc9ZhKv1uLt_ePENvwrsnaAWq-uRiOl1040mui-oDym7zFzB0NAC7IDYa65SAOlRQieGSNZhtjiZL3BajDY882ahn2RJvLhlL-JTQERA9rNltZa8d8nhVz1YIGoBZwCN-TmIwLw6BLNcCZgJl19bUm53DLRKEhxdLk-bii07u-oyLanjX3ZXI8PP196F7MEhDemUXSwc2h6VOD0P1V8UStKoKizDu5Cl1cZtWMnMlt-xamE5LEr8KrYMnB5VcAw5Rv5NoCUpal4M2siGAwNzV_j-fuF2g4DidzAN8YNS3y0wPQuCtxK9ugdo6CdsA86K18Ri9kvdFmsidQbleyXnIkWGo6Fes4n_QwO1_WlaBHpaphvHlhye7Et6w5ot1I3BDIuISicIBhLCWunoAvDCrTUEZFMNQ1FsFt_Cohl60D4aZ5SIyCe5q6VSRFr3HsGJc-q5bRZXVgH3uWPiWLI1FFt1BrfXrGq9avCm0zwFqL1tlV5EVC0cVVbMQ&cid=CAASJORowo78beLJNivx0mPfnCSVszv3lxoJ4FElidKDP73c94FZUQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
12b15a212021f57ae89bb223050732081156290c7aa7a0d5cbb5d9f93cffb9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49A3 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cg8PqQWJ06kJLer0qcntKDzLPl-9nIq0sanCzbdWDCX_TZ1x40D1WWWhgXcVdZxVWcOtXQsiWC1SMN1b2ews7Mxk48yMts8FmHB1VHBXknpCinQI8
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 49A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:56:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 49A3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:18:19 GMT
l
www.google.com/ads/measurement/ Frame 49A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPsIc2jGElEESpLfVD6z_7XgeZxAItZYaeJ42vrsYsugnVvvKB_EXCfhi_Llz97SVGZ_Z4UZVk3hVBiD5LS4Yd-MAe3Q
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49A3 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C976
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 28 Aug 2022 21:19:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sync
partners.tremorhub.com/ Frame 2504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESECv4W3jOQyxBQjKB_Shw-to&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESECv4W3jOQyxBQjKB_Shw-to&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXqvW_xcuLkIJT_Y4T05h7mm19N6mbcgEeNaZNTlBvxZet0fDGxzojfNJBaHVDo8nDgSEIXaeTBF6xeNaQhXEqRVKjA8A
Protocol
H2
Server
54.174.78.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-78-62.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESECv4W3jOQyxBQjKB_Shw-to&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 2504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1&__user_check__=1&sync_id=16de8912-2717-11ed-85ca-195d36af0507
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1&__user_check__=1&sync_id=16de8912-2717-11ed-85ca-195d36af0507
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXqvW_xcuLkIJT_Y4T05h7mm19N6mbcgEeNaZNTlBvxZet0fDGxzojfNJBaHVDo8nDgSEIXaeTBF6xeNaQhXEqRVKjA8A
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:24 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 28 Aug 2022 21:19:23 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEOVGqRlx6iGptFbT-nEsUGM&google_cver=1&__user_check__=1&sync_id=16de8912-2717-11ed-85ca-195d36af0507
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
68
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2504
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTZkNjJmOGItMjcxNy0xMWVkLWI3MjgtMTY1MTFjNGQwMTA3
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTZkNjJmOGItMjcxNy0xMWVkLWI3MjgtMTY1MTFjNGQwMTA3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXqvW_xcuLkIJT_Y4T05h7mm19N6mbcgEeNaZNTlBvxZet0fDGxzojfNJBaHVDo8nDgSEIXaeTBF6xeNaQhXEqRVKjA8A
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 28 Aug 2022 21:19:24 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTZkNjJmOGItMjcxNy0xMWVkLWI3MjgtMTY1MTFjNGQwMTA3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
41
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 855B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uZTVPWG90RTJ1RkdpX184dWdyem1aZDNvbi5mRTNIbn5B
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uZTVPWG90RTJ1RkdpX184dWdyem1aZDNvbi5mRTNIbn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW3uLoT-UHRU3p5gj5W4nSFvvwxATWWmhWG7rsvToDf1XbGtSayI_VXJANIQfobDT9qahN0G0qG-XX_4WJSoicxvrdGKw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uZTVPWG90RTJ1RkdpX184dWdyem1aZDNvbi5mRTNIbn5B
date
Sun, 28 Aug 2022 21:19:23 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 855B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGqDHjOuzNjlvNNtZ7iVa-c&google_cver=1
43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGqDHjOuzNjlvNNtZ7iVa-c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW3uLoT-UHRU3p5gj5W4nSFvvwxATWWmhWG7rsvToDf1XbGtSayI_VXJANIQfobDT9qahN0G0qG-XX_4WJSoicxvrdGKw
Protocol
HTTP/1.1
Server
23.52.171.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1661721563771039-42
Expires
Sun, 28 Aug 2022 21:19:23 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGqDHjOuzNjlvNNtZ7iVa-c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 855B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjE0YmNjYjZjMGJmYWVjZDQwNzI0ZjVjOTNlM2UyNWQ=&gdpr=0&gdpr_consent=
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjE0YmNjYjZjMGJmYWVjZDQwNzI0ZjVjOTNlM2UyNWQ=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW3uLoT-UHRU3p5gj5W4nSFvvwxATWWmhWG7rsvToDf1XbGtSayI_VXJANIQfobDT9qahN0G0qG-XX_4WJSoicxvrdGKw
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjE0YmNjYjZjMGJmYWVjZDQwNzI0ZjVjOTNlM2UyNWQ=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661721563832020-10
Expires
Sun, 28 Aug 2022 21:19:23 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3E07 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Origin
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Aug 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 3E07 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Agg1mXwiEZkO3PUPO1RMmR7F5DRimjXY-QDXE8WEpjv6VK5taP9cPC4lirpX7yJxfq21IKkPvybGfggdiiXuqu3Tp6AA&cry=1&dbm_d=AKAmf-ACI52tQZXLt_9KKt9710EewdcnvEIXKEH7LppbvxgS2I-zu2LsSNYF0PUUHgYOJOn47gLpP1y0s_jGxMMwhlaJfdVRPWM8xmdB3CMEWhgfekFiOREyBxqqrY3snDAGLUusAKpdadx3V_qQQYIWal8xG6_gItp_SFUSfLm6u08sf5ak0F4d5z_SZX53u6iSpjg09BNUx4-ZfogS67X3tNYukf2wCMJgIIAmjYaR9cmPPQ7Tsxvww4RB9ajche1oUuvgxdB9zEcyUu8xsNW75wkiK72WlzLGofYSElad8-gMivi-ta63CCKDg2sAeCQ-oYucc-oloTO_89QaRu3JhuY-WYixY55P5q6R7USG8ttaNdTCsKd6F8cBrVUMZ7Am_OT4ZKWFbCkdN81YNGSK0fZTh3hda2_xhTBRSl6Z-FHMajwAZM5-HwP5bk7RCLRnAZ9XWZfBVHB39ayKey2xVYTsvGzcuZYW_xnGpbCAZWTxGcSd2tBd9qQuAF3O64AzX_pI4WyIMnF6Z9lcjxKIP2t6K_i6GFWc-JeHwkspPK9vtP8vkbkDBKB3oxVYOyNy27-UTprDSRBIuvCEtF31WJPQIrorWaDjaf5Gaa-VuR5vTx7SVHZlVSko7GI9e1uKnM3bMeu8uwDQN8rFw6_ArkP9_fS16iCFceoXkxfJ6X63AfTKFPV_V-aTic3H9K_6yyOIbl0bdGfrYMZsEyfOiSu6LSSITFTn7oujepRS7IH3mgNR8MB3g6cDBpU9nnuvxMrLw8_qDGAcY7NfSH7H9t9rAadErvSnbCIehwXuKMpI-LoE8DesWmGsZwKNAkIsVnROR8epP0PIQleh9iWky9KlgyhR7VuOauCCss7Qc6YMnz4RqFQ_Nb7EZ1BULyoGz2h0Q3_sCcF0X9XCShOh6NyN_S2iUX0VNNROzZ9oJXEm9VvxHnNehNJHbriPp_b-y62UNbR91zKjmSFpayZs2VuuAkIgRprFe3xNZGZFnoZ9MaOHUPbMf2Fp2phMNVF1_tjTclsrNDarkLNAMslsDVAWvwWYWn5mvbj6nXPWhwUqJr98U0kGJKmqnnDdDNhqZtQ36fOOyjF0oBu_GnJubbt8LQQ89SgrYlRT6vGFBJX8MnL9lwcgltvWbGhsLnBbViNCb9al_xcaEsj357TM59P8yhaJKRziSu5MIrdgNcKmAR9WfK9zcGfJMdUEMftIlbwJyPc2wgkq1SsASW---5rBwwmYasLweEwfjcCgJFcRWcPROQdgGggfS6VWn5Bi5HvDE8dw30xSuZ64jJ48T6bMsGd0sfQWPM8jdzvY55MYlMPq6mfFIO53iAb_MmvIA05Vz8E4MNbBxY-spr_a5yZ5PcpJA6q7GujkyV8ncQg0KdZMTic9FrFgt0vIp2FIW2L9_nzYyJV-C53CzGItIEG_DLBaOTiBrw3lCxpLheOr7-5TRHceQ2lb9cpu0CpRR2D0nL5P5bpyu02C6K93iALe8G-46TT52zW6eYeuXsl9MlkJHIkVwzmewq8u-75uwCwe1Fq_HWXvNf23O_D6h1jzfJu_jpcKe2u3zn9hgk05nB57toeyQPW8yTBjlqYH-uhGniwOVQ8EiMUY1TzHS_-XjH4MrmeOwVF1lxdebSIfLmQOB99Xmteentre5b2wr7n7qnIy_hAv67YH48-2lcNAZ45bJxQu--ZxbGESGk01gxyaPJbRKzYytd3MhlSl4BoN6CRnwx6D8g97PUXchXa-3LwZoNfQIYo0oL_Ucb9ycdWjelTj008QXCX4HZo6eFOSRctTgI5QJpKl4uBB2wIj22dkg-bnvQMVhyw_73XY-ltL0Xucr7TZTHhFXi4RnqOXzH9tvmxE2d1Zirkgl0QdxmAxq6i9dtdLUcOsUxxrniHh9htmeFjIY3DXfx4mLg0LrjE6vs76cejQddo6seeivT2AgKA74d-zmbY8LE2zePaiF1D3GQ_6Tlty5aN2JTs2mDAuvErs0VkZP_ARLNeIAfwamILHacWrd7kJY8I4rxqN7zFAuy6nRYdDDdSOy7OA5k1Y5A0gN78uJhpzww91P3WK380lBKzHSN9kQLcQf1KTCnuZoOWY1f5tMvyV31g6UGmK9tT1cmvhsKZVgM_pWNp3al6hnyFjm0vWbdpv7vDTwQfBIAkqxUFCTyBPVxPrlM1jj_Juk1Q6F9HEILF1hvepfAKV_0M4nc8cJ1pPBd5pknoAVqQkCPoccWfn2tdez0H2q3rQ0Qg5zJ2P0kWMVIBDqMvWaBblz2wqX6yiAjtojNZRENJp1_MEkp1hP3mFg1b7Sph0DBob76W17u9p2Asgm_Cj7FtxdmvgnxE0MX30UmKxyOxQ80xA_EQCFvjZKdsWgvchfP62MKbScektHE6jVtD_uTniIOGc0mln5hanh0fQtN76yl4nnpiytj4fJXLAz6G0NlxQvoami4hXxsxDrDRxh6qDF7sYoBvLPGZYC5_FH8Nj573gsfFGGlbQOMhyONt4WR4HnIe44fgYNB_Wk190zDTsodD7wbw62EfgC-6bi8OP0_oYHvxJm2g7uaNO9VSwylQVY4faNb3P2xzeo2jGhCjNcrJand8wWdN9G37oNbhU4DMSluPAta14vZmwoTKnEnsQb-B_uoGoHk2CCgU-icOuPp2StTeWekdwwuE90hFpS9gho8h5ejvZXsrc4xXTDZADOji9cttkI4eIZxt-MmHY60mSQm67Z2y014s66WikpZFimGpF6wVmPlH6kjkVWsZObELPwreRlEkJglejrpawbPxmex5fhuPAR8M6y5oaWtCMiUbxzyrmaIYEaJIskcP48aQVucQk6FIZgTouArMklgH_aLSThL0zZY5WTaOQUFYRUUA0vDOn9FpKPQ9tbdvEP9p7rsuJ2tlIJt2ZnaLHQewZIomdm5J42gAHJ7KDT4lZjUavRjErOJwSUHC9tx-TwVOcpwX8iRhtMDk2FW_g9eioZr58UVS80CnJ9hhsL_ZdIHwpGo9Ntxh4EWBDGC38JgBFcNaU0LJniuOkwEbsfZg8-ZBjOXAoJmYYDSEK-dSIMllnlE9zKucKqvmeiVw_U0ZnIW2ANwhoSm8AE_8NtBXz0PlwmQEByrROq-8IGDOCk_vA252ep4C2bQCypCnvMKcER3_xAy86vKjggm9jdytG-M18nE4ytkG2jVnGJKSe3bGsIljdRzR0-aa4qnfxWQnCcfDOVQJrUQ&cid=CAASJORodyFabnU5M-vMKFc8a3aYSnA9rRAle823Xcgiy3cuy5mDVw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:01:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 3E07 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Agg1mXwiEZkO3PUPO1RMmR7F5DRimjXY-QDXE8WEpjv6VK5taP9cPC4lirpX7yJxfq21IKkPvybGfggdiiXuqu3Tp6AA&cry=1&dbm_d=AKAmf-ACI52tQZXLt_9KKt9710EewdcnvEIXKEH7LppbvxgS2I-zu2LsSNYF0PUUHgYOJOn47gLpP1y0s_jGxMMwhlaJfdVRPWM8xmdB3CMEWhgfekFiOREyBxqqrY3snDAGLUusAKpdadx3V_qQQYIWal8xG6_gItp_SFUSfLm6u08sf5ak0F4d5z_SZX53u6iSpjg09BNUx4-ZfogS67X3tNYukf2wCMJgIIAmjYaR9cmPPQ7Tsxvww4RB9ajche1oUuvgxdB9zEcyUu8xsNW75wkiK72WlzLGofYSElad8-gMivi-ta63CCKDg2sAeCQ-oYucc-oloTO_89QaRu3JhuY-WYixY55P5q6R7USG8ttaNdTCsKd6F8cBrVUMZ7Am_OT4ZKWFbCkdN81YNGSK0fZTh3hda2_xhTBRSl6Z-FHMajwAZM5-HwP5bk7RCLRnAZ9XWZfBVHB39ayKey2xVYTsvGzcuZYW_xnGpbCAZWTxGcSd2tBd9qQuAF3O64AzX_pI4WyIMnF6Z9lcjxKIP2t6K_i6GFWc-JeHwkspPK9vtP8vkbkDBKB3oxVYOyNy27-UTprDSRBIuvCEtF31WJPQIrorWaDjaf5Gaa-VuR5vTx7SVHZlVSko7GI9e1uKnM3bMeu8uwDQN8rFw6_ArkP9_fS16iCFceoXkxfJ6X63AfTKFPV_V-aTic3H9K_6yyOIbl0bdGfrYMZsEyfOiSu6LSSITFTn7oujepRS7IH3mgNR8MB3g6cDBpU9nnuvxMrLw8_qDGAcY7NfSH7H9t9rAadErvSnbCIehwXuKMpI-LoE8DesWmGsZwKNAkIsVnROR8epP0PIQleh9iWky9KlgyhR7VuOauCCss7Qc6YMnz4RqFQ_Nb7EZ1BULyoGz2h0Q3_sCcF0X9XCShOh6NyN_S2iUX0VNNROzZ9oJXEm9VvxHnNehNJHbriPp_b-y62UNbR91zKjmSFpayZs2VuuAkIgRprFe3xNZGZFnoZ9MaOHUPbMf2Fp2phMNVF1_tjTclsrNDarkLNAMslsDVAWvwWYWn5mvbj6nXPWhwUqJr98U0kGJKmqnnDdDNhqZtQ36fOOyjF0oBu_GnJubbt8LQQ89SgrYlRT6vGFBJX8MnL9lwcgltvWbGhsLnBbViNCb9al_xcaEsj357TM59P8yhaJKRziSu5MIrdgNcKmAR9WfK9zcGfJMdUEMftIlbwJyPc2wgkq1SsASW---5rBwwmYasLweEwfjcCgJFcRWcPROQdgGggfS6VWn5Bi5HvDE8dw30xSuZ64jJ48T6bMsGd0sfQWPM8jdzvY55MYlMPq6mfFIO53iAb_MmvIA05Vz8E4MNbBxY-spr_a5yZ5PcpJA6q7GujkyV8ncQg0KdZMTic9FrFgt0vIp2FIW2L9_nzYyJV-C53CzGItIEG_DLBaOTiBrw3lCxpLheOr7-5TRHceQ2lb9cpu0CpRR2D0nL5P5bpyu02C6K93iALe8G-46TT52zW6eYeuXsl9MlkJHIkVwzmewq8u-75uwCwe1Fq_HWXvNf23O_D6h1jzfJu_jpcKe2u3zn9hgk05nB57toeyQPW8yTBjlqYH-uhGniwOVQ8EiMUY1TzHS_-XjH4MrmeOwVF1lxdebSIfLmQOB99Xmteentre5b2wr7n7qnIy_hAv67YH48-2lcNAZ45bJxQu--ZxbGESGk01gxyaPJbRKzYytd3MhlSl4BoN6CRnwx6D8g97PUXchXa-3LwZoNfQIYo0oL_Ucb9ycdWjelTj008QXCX4HZo6eFOSRctTgI5QJpKl4uBB2wIj22dkg-bnvQMVhyw_73XY-ltL0Xucr7TZTHhFXi4RnqOXzH9tvmxE2d1Zirkgl0QdxmAxq6i9dtdLUcOsUxxrniHh9htmeFjIY3DXfx4mLg0LrjE6vs76cejQddo6seeivT2AgKA74d-zmbY8LE2zePaiF1D3GQ_6Tlty5aN2JTs2mDAuvErs0VkZP_ARLNeIAfwamILHacWrd7kJY8I4rxqN7zFAuy6nRYdDDdSOy7OA5k1Y5A0gN78uJhpzww91P3WK380lBKzHSN9kQLcQf1KTCnuZoOWY1f5tMvyV31g6UGmK9tT1cmvhsKZVgM_pWNp3al6hnyFjm0vWbdpv7vDTwQfBIAkqxUFCTyBPVxPrlM1jj_Juk1Q6F9HEILF1hvepfAKV_0M4nc8cJ1pPBd5pknoAVqQkCPoccWfn2tdez0H2q3rQ0Qg5zJ2P0kWMVIBDqMvWaBblz2wqX6yiAjtojNZRENJp1_MEkp1hP3mFg1b7Sph0DBob76W17u9p2Asgm_Cj7FtxdmvgnxE0MX30UmKxyOxQ80xA_EQCFvjZKdsWgvchfP62MKbScektHE6jVtD_uTniIOGc0mln5hanh0fQtN76yl4nnpiytj4fJXLAz6G0NlxQvoami4hXxsxDrDRxh6qDF7sYoBvLPGZYC5_FH8Nj573gsfFGGlbQOMhyONt4WR4HnIe44fgYNB_Wk190zDTsodD7wbw62EfgC-6bi8OP0_oYHvxJm2g7uaNO9VSwylQVY4faNb3P2xzeo2jGhCjNcrJand8wWdN9G37oNbhU4DMSluPAta14vZmwoTKnEnsQb-B_uoGoHk2CCgU-icOuPp2StTeWekdwwuE90hFpS9gho8h5ejvZXsrc4xXTDZADOji9cttkI4eIZxt-MmHY60mSQm67Z2y014s66WikpZFimGpF6wVmPlH6kjkVWsZObELPwreRlEkJglejrpawbPxmex5fhuPAR8M6y5oaWtCMiUbxzyrmaIYEaJIskcP48aQVucQk6FIZgTouArMklgH_aLSThL0zZY5WTaOQUFYRUUA0vDOn9FpKPQ9tbdvEP9p7rsuJ2tlIJt2ZnaLHQewZIomdm5J42gAHJ7KDT4lZjUavRjErOJwSUHC9tx-TwVOcpwX8iRhtMDk2FW_g9eioZr58UVS80CnJ9hhsL_ZdIHwpGo9Ntxh4EWBDGC38JgBFcNaU0LJniuOkwEbsfZg8-ZBjOXAoJmYYDSEK-dSIMllnlE9zKucKqvmeiVw_U0ZnIW2ANwhoSm8AE_8NtBXz0PlwmQEByrROq-8IGDOCk_vA252ep4C2bQCypCnvMKcER3_xAy86vKjggm9jdytG-M18nE4ytkG2jVnGJKSe3bGsIljdRzR0-aa4qnfxWQnCcfDOVQJrUQ&cid=CAASJORodyFabnU5M-vMKFc8a3aYSnA9rRAle823Xcgiy3cuy5mDVw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:37:55 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 49A3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Origin
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Aug 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 49A3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4KSE21HuL-J0NrSvRY-vgmdGw8qolBVyFmIIeJ8s6P117WJWmsvwVhWua2ER9h4k9PnfSAEoJOyV9BBdY29zTYBAlhQ&cry=1&dbm_d=AKAmf-DVz7QQOE5JiTyDn-iA2jmckdWY74MGel8ETrWvfhsOT4Gg2Q0scUGc8KQfRKmMB6ByzDFUxpDPeXLvNenCEpXIhiN8bVUGumKdHjwCJeVqofj8HOgCHdZH5gFjrQDc_n9Se-5xPlRPgAI8BF3hYA7YY5rb3qWNFGX3W_IHVRgGuc4yZAVWzpI7Us5VMCzRmgA8fxVxitYisW3ZhjK3_GYmxMdP8JrYjAfjGST41MfYU0DaLTDDnqCrrF7x70_W_NSZTYxAebkwFKH32vT0zh1Xhr_Mqzu_GvtT95TGF_lbEUnyLMds1WE-by-FUaSdeMsEsTB8_J5WUCFN7XRd_91X3Ck06kjLIDklJrWvJMTooWZHvVKoTlClScVSbiApgjkrU-UVKe3AXF626YJ_DnDNlsmXwG9smEjbH9yzgWGWwJcsbj7Q3ASlJLHksxmjdtX-vKW7k71M9ZSS49Nrm9D_oDmLHFZJ58adoVIBB6d7ufC844u450eJgvlplk9BXoo-P9Ajo51JMMu6x_qUtrrVoJUGkcrce_YK3U-voIirT4e1SHla_OevK7SENf31fkNY3FeT1rHMFoUEn6Y142CNV3okeIyMVfUr7gm2Y-cGpH7SW6f17nC1bk6mFQOKCJUs8QuqS9jT7NPkq6-6JgpXxVobJTJSU1ooZwJSrgxsqUc4033CtQXtWfgMjPlCMoTxu_yM-4Z6jzdBClHkuBsJIY9V07ZNLbcKmGipkuek8_UfDBaTd0f6b8meO-LF1xU3-IR3iQBw-iLDRAPbdZOAI0xYEfvQpJuatuPKxSDdZg06hY8I7Zb6NPsVvImW2SWOnijq1PR0-Oo8b3_C4FLHnIOWUsApQyTZ7pEyQANxK_seJYMFsDr_anu-oc6Ws8Ihq7Glt02KqHZn8MIaiNQWO9Y2SYMNqptQnZBUGMxhOrz_FimPRw3mJKkkKgIskKEV8StCHuoxSHGAIgy08HmhpRJcZ5PitqrpMfK3Zng1vMmdW2jAc5TW3mRCAPwYQtUEdJaDClQPbsJE1uLCbiLuXL81qTrR0xr-HwSyqizYyRtgILOC1UTE56t3YE_dRMC0Lt2alrzPZ8Xve92KiTvb0ncRnAP1wjg44Vv4ZRuV9w5pA2aIFgrW5YPJYwYQbx0qHqA40jEXs0AVlMD-xbDAVRB7y-XST_n-rwoS_naW7bB_-RUWEv3kkfA7xFOLw1TddzwJgbRmJHkTspEjJtDW9vhYqhiWOHSaWpm3knl4UN7Icci2Ekgjc2DhEMd7yf5_vjHvZKkJUO08BE6XP6xu9ywpk3Ble3fDJHWs3m9IKV9krc_GFtiT39mrxrG7e8SpT_NZuTEwPl01aldg0BWwzDYjLXDcsyLXR1r2uJWbe65KLjXL9BLFFNfAWwjfQMTJ87jUNtN_ETxAuO9k95mNXAxS2CUO08ra2NsW7fuU9PTJV5VPxOMFWU5-zpGzJpinxaWGUqkwmlJpZ496RnKvNMd_Uq0mflyizBj4dk018C8K5p-0OOzdHqtP01QYEq_8-r2UpBXkrXqElNqC7JKAbnbyWP6aRzXeqlGTgyKd1W0xZCU43cXKOpMVnMiiRxyzyNaEwmNJtohZMa1Ubp2DBMdq2aAqBxHO5q9EUD2i_DtCbXBlyKbg6hsPeAz7PbFFvO7HDzijnEWzqCb-a3TzVFQoICNuGcYVITPbN-VdW6AXSY4THwwcDKgXzeI_xseDa0mgCxkea-ljh90sUonDLypMo5-DTo7691Uqq7SMAYFEip0trUsch4GrTv-7CGa93XBAXL3OhyLpx5ID9ncRG7RK2Hyi437NwNkSwzffjQfBmm5UKs22yr-XZ5gpsW9-Jtl901KTdWYgxIK_BjeMQIEfp2wLz2Elnq6j-Ic0Q1R9II7qOoE_G9Sp-AiiKP39ASWPhOdT6XfyVxP81qnN5CikXu-OXKAlD-8HA4V5KzFv4bCAJH1YO9HUw7Tc6kBwb0xTDycavtudZ9JsbfVDXizx9g9fcIhI0hU2FSS34X-NQag4NwhOE8QkzYhvXbmdFxHp_wIbGPAuCB1v7DJehCt8D-obLp1YeLUEGHT7Gzn28FT_JYQ4Cnun2BZ7IV9VJl_fuvKyt3OjB5SL3xIISUpN1VzaIsns138MvlT1vyLohqWfMniVJxgTSIKWGzmjfALBrKERTLHL47s8uGKCTyuYOyHyCEKeQfsVBsWKr_oJ9-cZqm5-GMkJ6sWmtmWGYWD2NAixJrEU0joN269EOAmxzTLeX20c0JELA7BGQuPI5pcvqVG6Zc5CaYIMRm3v0VbDb7kGw1L8yGCJHqMOB67CTk9R-mNfyrA-k9ma1FXq3PubxCoPDDgjTqu9ffyemogeKv0VtpxxdRX8K8fvfKwx8ngESS3SRdpmWqFzziBGUt3qLrL1p5dHDfla_7utQfaf_nJxOSXb_elVvpVmBpqgSqWibvY1x5ndU19iw33-L79zZDp9rNUVqV1-Mms2xMTQU6pWCH28CNKYTREGbVj2yIP1RFXHCpHxhBsdyi-q07QoE8njp-eb4rhvyO3kMOPIj_lKv4tpEhgrsdD-rEU9mGUZSXUId413iNDVk7BIpDdoCmGPcHEL-KpbRgP_UrMNMEpBMEWJLkA0jv8LktYgfgmQexXbwjxyF0y34a-xoTKflHVqxWFt_NQz84pGfO58Np4Y7jCq2EQ53SoxxCJgDPi2KFOJzxc9ZhKv1uLt_ePENvwrsnaAWq-uRiOl1040mui-oDym7zFzB0NAC7IDYa65SAOlRQieGSNZhtjiZL3BajDY882ahn2RJvLhlL-JTQERA9rNltZa8d8nhVz1YIGoBZwCN-TmIwLw6BLNcCZgJl19bUm53DLRKEhxdLk-bii07u-oyLanjX3ZXI8PP196F7MEhDemUXSwc2h6VOD0P1V8UStKoKizDu5Cl1cZtWMnMlt-xamE5LEr8KrYMnB5VcAw5Rv5NoCUpal4M2siGAwNzV_j-fuF2g4DidzAN8YNS3y0wPQuCtxK9ugdo6CdsA86K18Ri9kvdFmsidQbleyXnIkWGo6Fes4n_QwO1_WlaBHpaphvHlhye7Et6w5ot1I3BDIuISicIBhLCWunoAvDCrTUEZFMNQ1FsFt_Cohl60D4aZ5SIyCe5q6VSRFr3HsGJc-q5bRZXVgH3uWPiWLI1FFt1BrfXrGq9avCm0zwFqL1tlV5EVC0cVVbMQ&cid=CAASJORowo78beLJNivx0mPfnCSVszv3lxoJ4FElidKDP73c94FZUQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:01:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 49A3 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4KSE21HuL-J0NrSvRY-vgmdGw8qolBVyFmIIeJ8s6P117WJWmsvwVhWua2ER9h4k9PnfSAEoJOyV9BBdY29zTYBAlhQ&cry=1&dbm_d=AKAmf-DVz7QQOE5JiTyDn-iA2jmckdWY74MGel8ETrWvfhsOT4Gg2Q0scUGc8KQfRKmMB6ByzDFUxpDPeXLvNenCEpXIhiN8bVUGumKdHjwCJeVqofj8HOgCHdZH5gFjrQDc_n9Se-5xPlRPgAI8BF3hYA7YY5rb3qWNFGX3W_IHVRgGuc4yZAVWzpI7Us5VMCzRmgA8fxVxitYisW3ZhjK3_GYmxMdP8JrYjAfjGST41MfYU0DaLTDDnqCrrF7x70_W_NSZTYxAebkwFKH32vT0zh1Xhr_Mqzu_GvtT95TGF_lbEUnyLMds1WE-by-FUaSdeMsEsTB8_J5WUCFN7XRd_91X3Ck06kjLIDklJrWvJMTooWZHvVKoTlClScVSbiApgjkrU-UVKe3AXF626YJ_DnDNlsmXwG9smEjbH9yzgWGWwJcsbj7Q3ASlJLHksxmjdtX-vKW7k71M9ZSS49Nrm9D_oDmLHFZJ58adoVIBB6d7ufC844u450eJgvlplk9BXoo-P9Ajo51JMMu6x_qUtrrVoJUGkcrce_YK3U-voIirT4e1SHla_OevK7SENf31fkNY3FeT1rHMFoUEn6Y142CNV3okeIyMVfUr7gm2Y-cGpH7SW6f17nC1bk6mFQOKCJUs8QuqS9jT7NPkq6-6JgpXxVobJTJSU1ooZwJSrgxsqUc4033CtQXtWfgMjPlCMoTxu_yM-4Z6jzdBClHkuBsJIY9V07ZNLbcKmGipkuek8_UfDBaTd0f6b8meO-LF1xU3-IR3iQBw-iLDRAPbdZOAI0xYEfvQpJuatuPKxSDdZg06hY8I7Zb6NPsVvImW2SWOnijq1PR0-Oo8b3_C4FLHnIOWUsApQyTZ7pEyQANxK_seJYMFsDr_anu-oc6Ws8Ihq7Glt02KqHZn8MIaiNQWO9Y2SYMNqptQnZBUGMxhOrz_FimPRw3mJKkkKgIskKEV8StCHuoxSHGAIgy08HmhpRJcZ5PitqrpMfK3Zng1vMmdW2jAc5TW3mRCAPwYQtUEdJaDClQPbsJE1uLCbiLuXL81qTrR0xr-HwSyqizYyRtgILOC1UTE56t3YE_dRMC0Lt2alrzPZ8Xve92KiTvb0ncRnAP1wjg44Vv4ZRuV9w5pA2aIFgrW5YPJYwYQbx0qHqA40jEXs0AVlMD-xbDAVRB7y-XST_n-rwoS_naW7bB_-RUWEv3kkfA7xFOLw1TddzwJgbRmJHkTspEjJtDW9vhYqhiWOHSaWpm3knl4UN7Icci2Ekgjc2DhEMd7yf5_vjHvZKkJUO08BE6XP6xu9ywpk3Ble3fDJHWs3m9IKV9krc_GFtiT39mrxrG7e8SpT_NZuTEwPl01aldg0BWwzDYjLXDcsyLXR1r2uJWbe65KLjXL9BLFFNfAWwjfQMTJ87jUNtN_ETxAuO9k95mNXAxS2CUO08ra2NsW7fuU9PTJV5VPxOMFWU5-zpGzJpinxaWGUqkwmlJpZ496RnKvNMd_Uq0mflyizBj4dk018C8K5p-0OOzdHqtP01QYEq_8-r2UpBXkrXqElNqC7JKAbnbyWP6aRzXeqlGTgyKd1W0xZCU43cXKOpMVnMiiRxyzyNaEwmNJtohZMa1Ubp2DBMdq2aAqBxHO5q9EUD2i_DtCbXBlyKbg6hsPeAz7PbFFvO7HDzijnEWzqCb-a3TzVFQoICNuGcYVITPbN-VdW6AXSY4THwwcDKgXzeI_xseDa0mgCxkea-ljh90sUonDLypMo5-DTo7691Uqq7SMAYFEip0trUsch4GrTv-7CGa93XBAXL3OhyLpx5ID9ncRG7RK2Hyi437NwNkSwzffjQfBmm5UKs22yr-XZ5gpsW9-Jtl901KTdWYgxIK_BjeMQIEfp2wLz2Elnq6j-Ic0Q1R9II7qOoE_G9Sp-AiiKP39ASWPhOdT6XfyVxP81qnN5CikXu-OXKAlD-8HA4V5KzFv4bCAJH1YO9HUw7Tc6kBwb0xTDycavtudZ9JsbfVDXizx9g9fcIhI0hU2FSS34X-NQag4NwhOE8QkzYhvXbmdFxHp_wIbGPAuCB1v7DJehCt8D-obLp1YeLUEGHT7Gzn28FT_JYQ4Cnun2BZ7IV9VJl_fuvKyt3OjB5SL3xIISUpN1VzaIsns138MvlT1vyLohqWfMniVJxgTSIKWGzmjfALBrKERTLHL47s8uGKCTyuYOyHyCEKeQfsVBsWKr_oJ9-cZqm5-GMkJ6sWmtmWGYWD2NAixJrEU0joN269EOAmxzTLeX20c0JELA7BGQuPI5pcvqVG6Zc5CaYIMRm3v0VbDb7kGw1L8yGCJHqMOB67CTk9R-mNfyrA-k9ma1FXq3PubxCoPDDgjTqu9ffyemogeKv0VtpxxdRX8K8fvfKwx8ngESS3SRdpmWqFzziBGUt3qLrL1p5dHDfla_7utQfaf_nJxOSXb_elVvpVmBpqgSqWibvY1x5ndU19iw33-L79zZDp9rNUVqV1-Mms2xMTQU6pWCH28CNKYTREGbVj2yIP1RFXHCpHxhBsdyi-q07QoE8njp-eb4rhvyO3kMOPIj_lKv4tpEhgrsdD-rEU9mGUZSXUId413iNDVk7BIpDdoCmGPcHEL-KpbRgP_UrMNMEpBMEWJLkA0jv8LktYgfgmQexXbwjxyF0y34a-xoTKflHVqxWFt_NQz84pGfO58Np4Y7jCq2EQ53SoxxCJgDPi2KFOJzxc9ZhKv1uLt_ePENvwrsnaAWq-uRiOl1040mui-oDym7zFzB0NAC7IDYa65SAOlRQieGSNZhtjiZL3BajDY882ahn2RJvLhlL-JTQERA9rNltZa8d8nhVz1YIGoBZwCN-TmIwLw6BLNcCZgJl19bUm53DLRKEhxdLk-bii07u-oyLanjX3ZXI8PP196F7MEhDemUXSwc2h6VOD0P1V8UStKoKizDu5Cl1cZtWMnMlt-xamE5LEr8KrYMnB5VcAw5Rv5NoCUpal4M2siGAwNzV_j-fuF2g4DidzAN8YNS3y0wPQuCtxK9ugdo6CdsA86K18Ri9kvdFmsidQbleyXnIkWGo6Fes4n_QwO1_WlaBHpaphvHlhye7Et6w5ot1I3BDIuISicIBhLCWunoAvDCrTUEZFMNQ1FsFt_Cohl60D4aZ5SIyCe5q6VSRFr3HsGJc-q5bRZXVgH3uWPiWLI1FFt1BrfXrGq9avCm0zwFqL1tlV5EVC0cVVbMQ&cid=CAASJORowo78beLJNivx0mPfnCSVszv3lxoJ4FElidKDP73c94FZUQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 20:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 20:37:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3E07 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 20:09:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3F98 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3E07 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3766c12d01684796a9e19d102a9697d212c63a61f756a16b4b14e93705847443

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 49A3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 20:09:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DB8 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:01:56 GMT
etag
48472445140208031
expires
Mon, 29 Aug 2022 18:01:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 49A3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c448f62438d6bcb5cf41b244bb9064705171680c836d8e0dbbe4ccdd965d76a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3F98
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1&google_push=AehlK4CrKAcUyB25SuHr6VNuLGgqU3vjAnmsmjerPf_JDMfIRoZ_7WDuVm_63BZ2hhBPup1LPyfjuNPSBug9ALc6wL9zcXN9FOwGP...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM2OTE1NTYzNDQ5ODc3MDY5Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 3F98 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4DuWv8Ec2RjqQQRuxTBO-ekQGm7NL6HoDOAQgpgGsBLqV3AgiT1mH6gEuAcRmJNehICnz2iz2Nkycak_ieE4tulVflRxV-Oxu8wm_ZGWROcSJoxZDvFDyvo76h24rUoSXpdHRLUWHOANSrNGZXba0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DuWv8Ec2RjqQQRuxTBO-ekQGm7NL6HoDOAQgpgGsBLqV3AgiT1mH6gEuAcRmJNehICnz2iz2Nkycak_ieE4tulVflRxV-Oxu8wm_ZGWROcSJoxZDvFDyvo76h24rUoSXpdHRLUWHOANSrNGZXba0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
742015bd8bbb5ac8-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F98
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4ARA3FLHGA8xm89cYvWQVKMPd_-rUOo22RioiVH0q1b52yPrymosWkVz8mmTtkGOJiWy8bVoNsPdJTAUTranS...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4ARA3FLHGA8xm89cYvWQVKMPd_-rUOo22RioiVH0q1b52yPrymosWkVz8mmTtkGOJiWy8bVoNsPdJTAUTranS...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 3F98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGcUB1UFnDPzI0MAI0MfG4&google_cver=1&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGcUB1UFnDPzI0MAI0MfG4&google_cver=1&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJu...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=bd13a21d-2815-47ce-b65b-009cb57a9626&user_group=1&ssp=google&bsw_param=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6b...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64&google_hm=8RT4-qZcSqatTDKBjd8QiA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64&google_hm=8RT4-qZcSqatTDKBjd8QiA==
Date
Sun, 28 Aug 2022 21:19:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3F98
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELB_9UqT2cKxANXF4cQEA9E&google_cver=1&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_hQSZTD3HFxbWusVwXz5OuiAZP3sJTcqrmvMx1d...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_hQSZTD3HFxbWusVwXz5OuiAZP3sJTcqrmvMx1d81Q2lS4X19hUxljoWrU494&google_hm=NzQ2NjAwMTIyNzI1MjY4NTEwOA%3D%3D
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BfczsCn4k7ojQRAmyhi9fwLAsRJMZ35pQTv3NWokhs48vP2Xmgz2t_TuOEO5vR14D2bXN_O0KqqBBk17fcrsCkqx_hQSZTD3HFxbWusVwXz5OuiAZP3sJTcqrmvMx1d81Q2lS4X19hUxljoWrU494&google_hm=NzQ2NjAwMTIyNzI1MjY4NTEwOA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 3F98
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh0Vp4eRu5Tj9SWL2CwH3ruwNnmYzwKFLw-kyEJ1nmviCruiDFVcXW_LtKt-n-A38mjx7ONE-fa34Fk
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4BOM2wp5yDiEcu0I9mnq_IqboMlMGC3m4CcVBTZwniwM3Sg3iNZk9zidDim1GoSkRSlqiHFBh0Vp4eRu5Tj9SWL2CwH3ruwNnmYzwKFLw-kyEJ1nmviCruiDFVcXW_LtKt-n-A38mjx7ONE-fa34Fk
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3F98
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKRP2Xpbi3e3yOe-5hJfkIE&google_cver=1&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0y...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0yTf9S5hi5oEDXKr0wUSn4HvrofRE2mquPXxA65k86A7AoJ5...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0yTf9S5hi5oEDXKr0wUSn4HvrofRE2mquPXxA65k86A7AoJ5uBmk5eb70bOZXhxkfERl1sUM&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BNeoQ8Gt_ocVmW8GMKdV3gWVCv0xSv9O2oL8gXdBRkm48xhP5y74UX75cxJnewWN_snCIc5v2Ry_n0yTf9S5hi5oEDXKr0wUSn4HvrofRE2mquPXxA65k86A7AoJ5uBmk5eb70bOZXhxkfERl1sUM&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3F98 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbmEGWCLXQPZaubEuau0VgTKGIALhRp6fan-tFAkhBIwHPalUKzOAOO8MPg44hmNnivv_D
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C57 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
206457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 11:58:26 GMT
expires
Sat, 26 Aug 2023 11:58:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3DB8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1&google_push=AehlK4CyxVZm_3AdLQDeymLMaukh7oevdM6Klv3Sn3bq20Uz2H1L0caEM4NTwVkQoVQsOkAmqJ16M1fOmmBHOleTriaCncgUN3Fh-Q
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI5NzA5ODA0MDQ2MDg0Mjc1Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELikDWBIPjAh28opMmxhJiU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 3DB8 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEJqiImm9F3PpZudHcOTfxyg&google_cver=1&google_push=AehlK4Ds4rtCZKEerRXz7KL1N9M7YCZ-Q01oREGX1XRxlufYyeRcZj1CCGxEcvBO95c0bbBlmwRBPTLhhv0Kv_PDm9q5_IFHL2SW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Ds4rtCZKEerRXz7KL1N9M7YCZ-Q01oREGX1XRxlufYyeRcZj1CCGxEcvBO95c0bbBlmwRBPTLhhv0Kv_PDm9q5_IFHL2SW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
742015bd8bbc5ac8-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3DB8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAV-1GgY-8k_33neJM0tVVU&google_cver=1&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDbUw2edad6rBV0kNQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44CD1B8CE5F8492FB0A28F9ECD8170E7&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDb...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44CD1B8CE5F8492FB0A28F9ECD8170E7&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDbUw2edad6rBV0kNQ
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44CD1B8CE5F8492FB0A28F9ECD8170E7&google_push=AehlK4AEj-OzEwEBuuFx49x_rmpHZ-l99qEbTVpG06adLYeRgV7ue2hXo6mI28PlXiPOBeDMSUhdfHJbHWQsUDbUw2edad6rBV0kNQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 27 Aug 2022 21:19:24 GMT
pixel
cm.g.doubleclick.net/ Frame 3DB8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4CKxlGFqkYQysss9y30ypkhylEZp6UukQr9e1AbhMw05_s-ixxzBmheLM0c6-fzQL2PqYjJO-Q_eJlCjjL0QY...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEILtUSC7m0--l17YtNrFBZk&google_cver=1&google_push=AehlK4CKxlGFqkYQysss9y30ypkhylEZp6UukQr9e1AbhMw05_s-ixxzBmheLM0c6-fzQL2PqYjJO-Q_eJlCjjL0QY...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmU2MmFhMDMtMTEwMC00NTU3LWE5YjAtN2M4MTYwYmFhYjQ0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e62aa03-1100-4557-a9b0-7c8160baab44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 3DB8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELB_9UqT2cKxANXF4cQEA9E&google_cver=1&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrp...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrpUgehsTA&google_hm=MzQxOTQxMzc2NTc0Njk4...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrpUgehsTA&google_hm=MzQxOTQxMzc2NTc0Njk4NDA0MA%3D%3D
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bs1wwS57b-m__kEwhwVXmxqRnc1bX0JYjzadBLWiAD3J74ZzOWdPFmVLJ_LwKjmYACKF6juotxNxz13pVDkXidwrpUgehsTA&google_hm=MzQxOTQxMzc2NTc0Njk4NDA0MA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 3DB8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPTh3ix2N_HZ5Kn08oArDds&google_cver=1&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMcBR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMc...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMcBRbQlVuHWokJlEFx3EVWpT
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:23 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkwMDAyNjIyMDE2NDU2NjIwNw&google_push=AehlK4DdWEDVh7xKxB8tY8G4UKB7QeAlN2lkmpRx1EBzwpLZ71KXmPsBpEDnqWRwZmlyuZSLYs7zMcBRbQlVuHWokJlEFx3EVWpT
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3DB8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKRP2Xpbi3e3yOe-5hJfkIE&google_cver=1&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxN...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxNt2KC82NzzLczRpl3A&google_hm=eFBBb0lzQ2duVWhjTj...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxNt2KC82NzzLczRpl3A&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:23 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4B_Z56uyqt1XF3faJxsLXdqnbLkVy7LkpH8jqZdHjHMZ-bgsTdE6Jb5_fZsHokBWij4NVnzlZ-qj_WxNt2KC82NzzLczRpl3A&google_hm=eFBBb0lzQ2duVWhjTjlHMzhzdnk=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3DB8 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrMO-C9BDOOuB6CcENk2t7BFkJb-IalOxqvHvmgc6iN2SzE_vYcLodplriVZH_8bxBrhS4
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4FE1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
206457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 11:58:26 GMT
expires
Sat, 26 Aug 2023 11:58:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0D92 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
28234f5e3d21f705cd93f3b663661c4b6150bbd2a389a860ea3583c47fb5c3e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10991
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6033 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
3d4cd398ffe3825f7dcd8dbb39d2ed4e4a6a7cab0903b86e70d8dd334a6e22ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11217
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F8D2 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
4b42045831eaf4d6ab1b08bc1955fca173e96cca218693f1adc3d4bb25f02510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11065
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB0E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
59a8fe87c26e8ecbd54a5a4bb5c5d55702a9da3b821d1254f12efb9ddcf05dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11267
x-xss-protection
0
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 0C57 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0D92 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:23 GMT
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 4FE1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6033 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F8D2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 21:19:24 GMT
index.html
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20029
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 16:53:24 GMT
expires
Mon, 28 Aug 2023 16:53:24 GMT
last-modified
Fri, 13 May 2022 01:12:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3E07 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCKPSvwSnakPgFGHmNqve8ji-nCeCbDzWTDq3bRqniYrics3oVeCq2dSS_gWFyfLs2ytDCnHA4a4To7GXx1FOXYrBhj2lHxbtGv27Lr5leXfecgxoZ_mRTyXIBOX3zTRM_rAgyWc_ZzJ_aB1oUWpkz3s30nsCe2DTF6EYwxaCH2GAdvzcdb7SFiJtWUzJ6kkQHALY10o_8srXHy6nOqzDl29qgdk4ynB-DppiI2EUI1s-a5iof7XnobCr7aG04dnsE3YB_mAIYSPl28QYx0-dDJm4_4ZMTOC71RpRCuMAeY2MNpOtjLX8T4agXGQsOWRh3Z-Hgaqrm2QNGCCBU9Znn2AYRrRotlt7U_GJhbRnkBMlQemirwF6MjgusyWBqeDnWLyytTPaSk7FEdE47VteqzwnYkSeCfxBHWmdNITa-z0UI0fKhXhVoi70DAfvx9o3bKhoCWSIMRg2NpCrcZpVoooGpzcxXYbJpIBzLhoNNb4to1Oc7RGmSwlskrDDzZsmjnciXY1PdPvZdD4B-l_81ZGE6-ftB6Sejp8QDM-yEYK6PpGGKSAgaYsBkGRgeFlQTZBC9l8xoWWCXFQ6IB7pMw6JOjlhjjQFh3oCbxbMMM0CYSdZRE55fqWV4qp0w8ofVR64ux36q9RAQkCixfJRe5HQVvtE1gi70rxIUYTkB5pnX_NK178uIY0y7K-0Lev85XIoYozFup9stxlRcVtEhSBJIjSCHa5aikJREFm400h3stB9JhXAosAnwHWDevA-R5-NFAoJpuu7rsi_HCFSsk5MSYG2Y4jqpqA5hNMGnQTTn9djOWT-4nIHaWeDWRTpurMaknJv7VKRm4d-SygEvb9N9JzNlDrtwyh5_EDmxVq1hZFp2huoBC7zpErgkGcCU58XId42eXUs6scqdwiQwkufyGIcQ0dLLBWNce2NoP-rLmPFJMLCgD90o2R6TvT02wGK-_L9UGyruNjr731Ou9DO4sr-v9YhgiRXQ7BxMr3GOz1JjFY4VTGWzgTpupZUlesxGhrZLJf9Blh_pNlbmMmq9PxxZWoHIbKLg0p7ziA2mE_mRHF5CF62ijJO0Y8AbDCVdItBOtLjAEIeQstHv_iqjWYanroPXY7zWdjrx_8Y03AV1DrBJyvyMdcxvVchBM1_GTxEaK3SODah_rmZ7eoaUTgm2a47K4eLtUGKhDNrxw6j1H1UlU2MBR5WJ5yBHv6S4aJgC3Slo0lcEHeVV-0RZWyp6tpPKH0ElOW15EYq11S3hsA&sai=AMfl-YRILukQWp8mNCD3gtg25eTpvxcdE8G-1t2mIsXs-uGsGMctQpeCiy89micSBg7jAyBcqrxnoM2KQDl-Z0X05EteOns4iERyTD87eMicXm_nbgOt4a6CJJrpHHfOcpEupvOh2w6OaBHE4aWpm7V4rLyiZs7cTxYvIMia0Lbqe4MQeSwOvMbzKJYZTj3jouzGoLwbAkpN2UMOaDjaK_bj4Q&sig=Cg0ArKJSzBE9RFH5leUYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=797&cbvp=1&cstd=794&cisv=r20220822.96178&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 28 Aug 2022 21:19:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 3E07 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:24 GMT
Server
MMBD/3.361.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x70, hkg-bidder-x21
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 28 Aug 2022 21:19:23 GMT
index.html
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		85 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
bee0a78912f0d29818f02dd83a58edb8e48c3e8f51212225c7b47530f3bec208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20010
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
Mon, 28 Aug 2023 21:19:24 GMT
last-modified
Fri, 13 May 2022 01:13:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 49A3 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsus2xNN7F7u69mdFGX-h3_9L8XYlP6zcYM5FesiwizSLeUy9l82ihlkVGQSY8sgMWSgCuslbUsF0LyVUgTyy40gxaB-XBBQlcjuJ2txlkHcv_a-CVj-Yv5pxaWzKDEQOYO584ve_CiLxI61yU7u2hNM6gfZ0oQ6mw8WiajEoDw7ZKfR6C_Sn5oHSwWakUXdMn19V-2Xjl8rIwedQrbUyLXyocb0DIlT-m-C-dHQjsIxGg49kezqyCUvgPu1UwVWm1XY2oCe0NAlEYmgLfpHDrCf6B8mChgUE3hrM0L9AtHmRArk7T5XTDB1EWSwEpF95LW5qckVpiEqUWPBAcwtT_qnpfkRkqfqoITUC7NSU5uhxHS8lZryUBy8iyOAY6q5abhaT7GbA5WRXHQ-Llb81sZ3PcbY3VJkjBqr4rmvutROEsGfn5leUIv3GGxHbdHY25VBmOo0mjZs-kmkw4rOKQbdHxzEDgdjUNfr0ffWl-8dy463ANaY1ZokhWbFDcKwrJrLQBw7ObCbm7XkyDrC3pu9pau-1lcbkd1UVjlQxNHqSK8noQ13hKwBniK7cnROS1GIDELl9OAfvwIPmIc-rSvlE28uw54bnjRQRLWSkLCjUcMLzGk5d4XXb8EOTh8VADMNKr1wkXm80Ue7UDdpZw2BFfYp0K19znOgDBJOaRyCSV3tLa51qoJH1PfoGC0IO1zdf3d5UzItJ_SxYqvtWJ4ADWjEzUHZ9kmuT4oVi3JGX-e6nbB4E0EOs-FVhZ7A77IaC-gC1QgK1XM4cZZSbcQZVjqm4gKq_Es5hqJiTe99vIq_mH00RrKUqPLbSLdJgmt-GnPb7t3LrfN1Yy3oPgWrcpzNimNnGDunCyr6my-c9n1ZQ8XvPVmRfiM0hAXzu9KxNA9oc-3uEaR_uRCw3MzynuNtrcwIKYmQWZvkoDqHpSK7Y4f-ptnm1scxunUXTmJ37DH0hUJWT4qFCwxkDkzvp3Eds_dJ5AL_QXta3Oi1lIgPgmZdbUJTMBeyX7HksX6X0C0-D_mCDjroUBc-t2HF9nnaot0Kp65g3YlVuzfg4asqIU9HLMNuY4I-ropYXtgjqzufR_j24r7pZ9abb1neAAeJt3cUQVymCyEC3RFdSbV7amW34ml2zMybJL37TdzL1ZQbFQXmiMc0uDw4zI5j9xdvU3TLWlkBMebJNJReaFJVF4LRqEg5GheTM_it_hxvlosmTbPUVPZLdceNNr9QzSw0EdM6BsYw1Oz15uOiQoYnvrEFE_tFzQ&sai=AMfl-YQkf0BxzHgJ516FPAXF-w0GZwgS6Ix-K-0IQ-xcv6reQdkvYqNcBSHDOhWk4Q7ZPDYQdWp23hjVdvi0L9fOvULJaHLhjns-_aT47lcuBCnsnooCmPmt-VGhIH97tcJv3ebTUM7wXj4W9Aq59UZu70rQruf5Ew3USN9034Tc0rFtfjuXhXF5rUp2SMoqgExi2VVwMITj-05817poJzWDaA&sig=Cg0ArKJSzFf3juJv7n9HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=766&cbvp=1&cstd=764&cisv=r20220822.47102&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 28 Aug 2022 21:19:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 49A3 		49 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:24 GMT
Server
MMBD/3.361.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x13, hkg-bidder-x2
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 28 Aug 2022 21:19:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCE0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 371A 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
c804096e699cf6e252622ece238e1d7249dd3feab8a85157af6901a593863da5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BgjcFmRSfnOGvdra0p2SZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-BgjcFmRSfnOGvdra0p2SZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
Sun, 28 Aug 2022 21:19:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB90 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C048 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
df51e9d66f6bbab45e034312d2ff4234a97120089317df52a14c71271bcb6da5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-49pjQlqDF7eMQXIVCk4bmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-49pjQlqDF7eMQXIVCk4bmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
Sun, 28 Aug 2022 21:19:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame C976 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRcj0b2RJr82Ni-KKWfyjtj8Wsf66uK8U_Oirmcy9n19J8zpV3zLHwqEYYzGXtbqHdcyGoizrJ5rKk4BttRjfYWEEJmnaJbZzO_1B3Ity8TQnKdbwTw-b10RpoFwgVnop7A73_d-arVoKF5pBgbvoLxYGpVkj84DMvHM-xFiXUQ746UZceMFkbUwLwaw8XSHWM9Ls0h5lJ33_ojGdTjCFwwT2ZREA0YnKBa6GkNiaKoIJQ6cILTE3OnUB9Ih2TgdRrCOfO_9E51mTYvVjbb7RWOH4oO1fYOiwtoBNJCCI6tXhNbSZIeK2jeLGk58lxLrT8MEW9HjUC5dSgiNbZnAOkYuabNf_3DxfNM_ivjfTZveYmNxKW0bOTmx1moIAKTqiB9m-ZGT1K0SsgeXUC2rjvNj6De-6yV3sOgfMu9upkGtuMtXekNm1z5uViJbyL0pxOtUSC7-SeC_PpWbegUnXJOUra-A9YMTLaKRCUvTIqZiTginyVrf4PldCMiyH6D15IO5J1mvjN4TEMvsqHiRxjus-FznPKFuFZXDNa5IuHMT1rxNUBAe9iavOmYdiFQ61LipgJp0WysJGcZdquDWwB6t97X1DMMKv8x9gG_p4Z3cqaLIFW7BCZTcJHsKFwKeSqBmWSAssVCRn087B38SA-i-o8xPSfv_8T_OzuUIbHDuVrDn2SaBMoYJ8qNRajbcwBzKF2iUklTc0WqAKBIwyEp8a-kupxhIu_RV8_ARP2yG1j3J_ijcEZ-dslLiOAVx9rQIl0D12qnDrOS94h8BRevRV9zV4b39AXRMvmehRB5peMH5sAmzFGADtWRApzX4hq9nTrS3NUB84lecwbllxWubt6XVWEmkoThMzdXj3j7nXZBd78ZfmmGdRBJRU8Sbv1_0kg5p13_7F_6NdkqM9FdM2AO02_MBDCH18YDs3flKNihO_LXMZlRUesHTKOLvWYGK7Dck-jDYZbpMGzM1ERuHrVvtDa5D4go0TrX_MmIMTBoMVaeL-rjQUi3O4d2mlx9HQiLmyztYfLpVqKpZP33z_HK7_9g1a9TUePT2AsBCm0ow_CeEKSmv1MPQujKIJNhmobMSmRgVenqm8AeRor00Kr1U4mZSK9xEH6IMANh4um-rEgMPp9NRaGa9N7-oR19Ahor3YubwPC9wO2o51BkauvyVPlhlgSpQpH8tZwmUQRX-ICZB7LtAQMw84&sai=AMfl-YQqHAmVgxNylT-ksq2rpahQ_Dv2GvwTv4E_ANAwcqgMglzzyn4hLF079EwN6LlS7xICbzFijMAoN83jgQHk38IcmeLrcjm9r2cvTt9i75UtrnpPV5r70mUXh9DweQhpWlZpZD58fAWT&sig=Cg0ArKJSzMFF-CxrPO_VEAE&cid=CAASFeRo1Pr4MiHvMyQOp-VubSXoq2yJ5g&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=611&tls=1611&g=100&h=100&tt=1611&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C57 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjdwh29sLY7XRBpOo1Aa304-oCQAAAAA4AeAEAg&bg=!DwylDEjNAAYUOm8VNDo7ACkAdvg8WhcUFhTq-rg31Z4xENFFCNFi9U9DP_ymMW2cpkau2Nj4J666NwIAAACJUgAAAAJoAQeZAt2BRjMN4jkkFN1lYS_b-L4eIibP-GsjGK3fz4CjiCvLItDlkxccKwsGnYaamytBHYUEN56PA48H16tgascIFslKubQ6E03YExY8B60iwqsBKB_K89lsNDzbUJvmo2_7Hc3I3W2QUEDsEPw87l1cHCNlj_bRzZstLuqJC9z2sIojx9XhcRzYdHp-AodZ4R8GlLtFQZ3lX7Kz3iHOo2xe9KrPy2MPEzEiZIQRM-uzQyp1KXb0shvyr2LCAPCqTVU50q7_QZl4iul-rBN_ZIi754ye26k6R-t1CkdkSWllTjAR7njXiRxjB9GU6qdSGlTNaM8rqQncm13UtqEieVyGyycm1MYYH3D7FsWOacF7uKbUAS3cDcrmemj97JW7V9kiClvZIE-Jt5JVEBicTXn0plYHseG13riTq5FLPqgNhHxyFBKlGTScmTqHSO7ttBm7skPJiw4cv62vmlDGCMaKQ7D2KEwnALH28kCkFX-0cC7AO6VC2RN0PXg043HDB8WUc6WJHUlGc8xIfMmGqDQh-XGkXgH4bfnfhL3NL9PQw4ZVn1qbpesDVBdg3pUNYDycr2C2gg1IkBBb97tltE0oNbCVti4saTYVGIlkgeWoUnDM2y77hn2OLhxosN2Rsu8MOUUe3GTqdGrgPd5EGY-XxFycKVnfLHxGbdOWepBVNPCrlQzqrv1CYyYkmnIAqIdf5nwWZorTeXS5QFsb8cCGhUM-iL1-dw_UidrvTMPHq_yVJTiAp4OREDByN0o0lx62CuGu1EOZ2wOpxUSci6NWZbXqSfH_I8ELPrKdtVXN8PLrDtYgObksowR3QSirfCkwGG92nsATS1lU9mwFtEnzwpeaX_2C4jf6GvoUY3OYfgBLutiEAgvswOq1c6HTrWJavr0Xp5DlObxswIN0jbEYV5UrOo2x_SfxVfWXkP1HIEnuQXruUlc3KnOIrRcPaTMllhh0KKzGkQhUpM4rZMJl
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 241A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4ECE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
f953ee4acc5761d6d82c5fa349afcc8ac2504508f605fc145828e55207514105
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BqZCxhxEEZx6Omw-z3bsjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-BqZCxhxEEZx6Omw-z3bsjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
Sun, 28 Aug 2022 21:19:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FE1 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoF0M29sLY6X8B4GB1Aar9ruoCQAAAAA4AeAEAg&bg=!o6CloOTNAAYUOm8VNDo7ACkAdvg8WpO5BJbC7AwfS62xXFn6PHss1b_SqWNPLCkbf_aFObSonpZxlgIAAABrUgAAAAJoAQcKAAhjzVKoNVQROZkC3zcb-vB5Lh5CeinD8GO28Xl8qTOK4EiM3zOD5WnU-10uyR8oe7T44DXzlvy9Fr1YDw8N3f_58afCoQXz094Mr4Z_MKUufqVSBhPj-2QHn30K5aRVWs7l76hZj_b1ku29g8NdXQzBmG1so9SWWft5lSs4cvE93uHxHF3m1bsOVTkWDarQ8ASbVE532q6fAkN0gnszo_qjvGNxaiuQMwPrdppLiUWX_vzei_-pGA0Lb-Vne5jWJ1caJf8X2x0dXCMYZmJ2rpDlcnQ30-W7KMgMJP9wNAbJr9OjVlEYTXljKbDAvrC0PwW762JFyWtZEc7cbvWHUa1GmEAjBQQtE3ptL30zc7nClWC7-_jyBEwZ169p0v7v2Q4oxUDxgutrxLCj6_A2g_lZiXNOInSQEDVEGUI-bq7EuHXSE_xyI6FpsBMgOoGsDLSS3MJwIGUb8k6mPogE00VwK_YAQ4TUnJQ44i0Te9s-C4aX0O8X4KefaGeMespkfNhz5poh5BuorLstAbOMrovk7ch6uUBJCBUPZMxK8RvnumRc7GQt9-1nttHmRx7Aj1UrfJZBxSFM9ILoobbGo345vE-hjsWWaMsU_u9ZG2RauO2qg-K8CNKWpzbGmi9nBZ6sYl5SbBxH27YxTG1oisq9JHGjC05_Wz0bdVOCHnFpeqvgrcd5yM9T4dLOct2LC_LCzBeJzHXp1HxsKj1hMuFgpTpu3rNd2W3D40K13VmYwmfcdapTMYDq79oIA6RO8tjGw2BJABXjDU39-mcUWvf72GRvYetElOPQy5IRIzdjs_D0U9OeyElOin342IZkugII8roEQweJgZEMWNrNs0OPzRZPzJDaaUr2sW-XpeoSvmepnXAqubc4BaNlyHuOhCUCJXyuHreysG2igcQqWCla0HfBdldvk4UyghahA5ndw0tizS9tzevHTofGRZk92UVnsecYNs9tHCwHOM9K2luvvm8G2VAfe-bQZQ
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B350 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
21428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 15:22:16 GMT
expires
Mon, 28 Aug 2023 15:22:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9C8E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
GSE /
Resource Hash
bb838be53e8ff5dcda24c1d497e6fd775cef21061407443ae3485ff9fb122147
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-laEhb_Z4AjRKSKjB9TzU3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-laEhb_Z4AjRKSKjB9TzU3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
Sun, 28 Aug 2022 21:19:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame FCE0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 371A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=1139310003802546&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C048 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=300050850714559&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame AB90 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4ECE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=4299496234072682&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame 241A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=3438147721141787&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame B350 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 19:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
440063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 19:05:01 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame A099 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 06:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Aug 2022 06:14:27 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 1D64 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 06:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Aug 2022 06:14:27 GMT
generate_204
tpc.googlesyndication.com/ Frame FCE0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fca_7Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame AB90 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mJRsBQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3E07 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCKPSvwSnakPgFGHmNqve8ji-nCeCbDzWTDq3bRqniYrics3oVeCq2dSS_gWFyfLs2ytDCnHA4a4To7GXx1FOXYrBhj2lHxbtGv27Lr5leXfecgxoZ_mRTyXIBOX3zTRM_rAgyWc_ZzJ_aB1oUWpkz3s30nsCe2DTF6EYwxaCH2GAdvzcdb7SFiJtWUzJ6kkQHALY10o_8srXHy6nOqzDl29qgdk4ynB-DppiI2EUI1s-a5iof7XnobCr7aG04dnsE3YB_mAIYSPl28QYx0-dDJm4_4ZMTOC71RpRCuMAeY2MNpOtjLX8T4agXGQsOWRh3Z-Hgaqrm2QNGCCBU9Znn2AYRrRotlt7U_GJhbRnkBMlQemirwF6MjgusyWBqeDnWLyytTPaSk7FEdE47VteqzwnYkSeCfxBHWmdNITa-z0UI0fKhXhVoi70DAfvx9o3bKhoCWSIMRg2NpCrcZpVoooGpzcxXYbJpIBzLhoNNb4to1Oc7RGmSwlskrDDzZsmjnciXY1PdPvZdD4B-l_81ZGE6-ftB6Sejp8QDM-yEYK6PpGGKSAgaYsBkGRgeFlQTZBC9l8xoWWCXFQ6IB7pMw6JOjlhjjQFh3oCbxbMMM0CYSdZRE55fqWV4qp0w8ofVR64ux36q9RAQkCixfJRe5HQVvtE1gi70rxIUYTkB5pnX_NK178uIY0y7K-0Lev85XIoYozFup9stxlRcVtEhSBJIjSCHa5aikJREFm400h3stB9JhXAosAnwHWDevA-R5-NFAoJpuu7rsi_HCFSsk5MSYG2Y4jqpqA5hNMGnQTTn9djOWT-4nIHaWeDWRTpurMaknJv7VKRm4d-SygEvb9N9JzNlDrtwyh5_EDmxVq1hZFp2huoBC7zpErgkGcCU58XId42eXUs6scqdwiQwkufyGIcQ0dLLBWNce2NoP-rLmPFJMLCgD90o2R6TvT02wGK-_L9UGyruNjr731Ou9DO4sr-v9YhgiRXQ7BxMr3GOz1JjFY4VTGWzgTpupZUlesxGhrZLJf9Blh_pNlbmMmq9PxxZWoHIbKLg0p7ziA2mE_mRHF5CF62ijJO0Y8AbDCVdItBOtLjAEIeQstHv_iqjWYanroPXY7zWdjrx_8Y03AV1DrBJyvyMdcxvVchBM1_GTxEaK3SODah_rmZ7eoaUTgm2a47K4eLtUGKhDNrxw6j1H1UlU2MBR5WJ5yBHv6S4aJgC3Slo0lcEHeVV-0RZWyp6tpPKH0ElOW15EYq11S3hsA&sai=AMfl-YRILukQWp8mNCD3gtg25eTpvxcdE8G-1t2mIsXs-uGsGMctQpeCiy89micSBg7jAyBcqrxnoM2KQDl-Z0X05EteOns4iERyTD87eMicXm_nbgOt4a6CJJrpHHfOcpEupvOh2w6OaBHE4aWpm7V4rLyiZs7cTxYvIMia0Lbqe4MQeSwOvMbzKJYZTj3jouzGoLwbAkpN2UMOaDjaK_bj4Q&sig=Cg0ArKJSzBE9RFH5leUYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1559&vt=11&dtpt=762&dett=3&cstd=794&cisv=r20220822.96178&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame 241A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MJdKLw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 49A3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsus2xNN7F7u69mdFGX-h3_9L8XYlP6zcYM5FesiwizSLeUy9l82ihlkVGQSY8sgMWSgCuslbUsF0LyVUgTyy40gxaB-XBBQlcjuJ2txlkHcv_a-CVj-Yv5pxaWzKDEQOYO584ve_CiLxI61yU7u2hNM6gfZ0oQ6mw8WiajEoDw7ZKfR6C_Sn5oHSwWakUXdMn19V-2Xjl8rIwedQrbUyLXyocb0DIlT-m-C-dHQjsIxGg49kezqyCUvgPu1UwVWm1XY2oCe0NAlEYmgLfpHDrCf6B8mChgUE3hrM0L9AtHmRArk7T5XTDB1EWSwEpF95LW5qckVpiEqUWPBAcwtT_qnpfkRkqfqoITUC7NSU5uhxHS8lZryUBy8iyOAY6q5abhaT7GbA5WRXHQ-Llb81sZ3PcbY3VJkjBqr4rmvutROEsGfn5leUIv3GGxHbdHY25VBmOo0mjZs-kmkw4rOKQbdHxzEDgdjUNfr0ffWl-8dy463ANaY1ZokhWbFDcKwrJrLQBw7ObCbm7XkyDrC3pu9pau-1lcbkd1UVjlQxNHqSK8noQ13hKwBniK7cnROS1GIDELl9OAfvwIPmIc-rSvlE28uw54bnjRQRLWSkLCjUcMLzGk5d4XXb8EOTh8VADMNKr1wkXm80Ue7UDdpZw2BFfYp0K19znOgDBJOaRyCSV3tLa51qoJH1PfoGC0IO1zdf3d5UzItJ_SxYqvtWJ4ADWjEzUHZ9kmuT4oVi3JGX-e6nbB4E0EOs-FVhZ7A77IaC-gC1QgK1XM4cZZSbcQZVjqm4gKq_Es5hqJiTe99vIq_mH00RrKUqPLbSLdJgmt-GnPb7t3LrfN1Yy3oPgWrcpzNimNnGDunCyr6my-c9n1ZQ8XvPVmRfiM0hAXzu9KxNA9oc-3uEaR_uRCw3MzynuNtrcwIKYmQWZvkoDqHpSK7Y4f-ptnm1scxunUXTmJ37DH0hUJWT4qFCwxkDkzvp3Eds_dJ5AL_QXta3Oi1lIgPgmZdbUJTMBeyX7HksX6X0C0-D_mCDjroUBc-t2HF9nnaot0Kp65g3YlVuzfg4asqIU9HLMNuY4I-ropYXtgjqzufR_j24r7pZ9abb1neAAeJt3cUQVymCyEC3RFdSbV7amW34ml2zMybJL37TdzL1ZQbFQXmiMc0uDw4zI5j9xdvU3TLWlkBMebJNJReaFJVF4LRqEg5GheTM_it_hxvlosmTbPUVPZLdceNNr9QzSw0EdM6BsYw1Oz15uOiQoYnvrEFE_tFzQ&sai=AMfl-YQkf0BxzHgJ516FPAXF-w0GZwgS6Ix-K-0IQ-xcv6reQdkvYqNcBSHDOhWk4Q7ZPDYQdWp23hjVdvi0L9fOvULJaHLhjns-_aT47lcuBCnsnooCmPmt-VGhIH97tcJv3ebTUM7wXj4W9Aq59UZu70rQruf5Ew3USN9034Tc0rFtfjuXhXF5rUp2SMoqgExi2VVwMITj-05817poJzWDaA&sig=Cg0ArKJSzFf3juJv7n9HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1550&vt=11&dtpt=784&dett=3&cstd=764&cisv=r20220822.47102&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame B350 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PTgCqw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Disclaimer.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		225 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Disclaimer.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29254
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Aug 2023 20:18:42 GMT
sam_img1.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img1.png
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 22:53:01 GMT
x-content-type-options
nosniff
age
512783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49740
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 22:53:01 GMT
sam_img2.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img2.png
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 11:10:03 GMT
x-content-type-options
nosniff
age
122961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52382
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Aug 2023 11:10:03 GMT
Samuel_1.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		44 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel_1.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 15:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12052
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 15:42:07 GMT
Samuel2.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		40 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel2.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Aug 2023 13:19:36 GMT
CTA.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/CTA.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 14:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 14:58:01 GMT
Frame3.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame A099 		34 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Frame3.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 15:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10826
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 15:42:07 GMT
disclaimer_common.svg
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		224 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/disclaimer_common.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 23:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36700
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 23:23:39 GMT
kirsty_img1.png
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/kirsty_img1.png
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
2fe5625677ac8e3068db3ad3677e9602b1860bfd1a0b3bf70ef4e99393c61cd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 23:52:51 GMT
x-content-type-options
nosniff
age
595593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25896
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 23:52:51 GMT
kirsty_img2.png
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/kirsty_img2.png
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
8031a6c0961c64b7850ea0e16c7796f497c59d17549e0d344f1c761f40fc7901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 23:28:48 GMT
x-content-type-options
nosniff
age
78636
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29609
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Aug 2023 23:28:48 GMT
kirsty1.svg
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		47 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/kirsty1.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
fb2a105fede5295b783c3e6b82b27fae666d35df69fe6a7938e9294fe9b0785b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11942
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 21:19:25 GMT
kirsty2.svg
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		42 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/kirsty2.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e4dac7f7d8fb8b32430c5da6fa8ff20ba0623088207c0e6026353eaac9eb1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13079
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 21:19:25 GMT
cta_common.svg
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/cta_common.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 00:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3188
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Aug 2023 00:23:08 GMT
frame3_common.svg
s0.2mdn.net/sadbundle/8148161235429666024/ Frame 1D64 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8148161235429666024/frame3_common.svg
Requested by
Host: 1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
URL: https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8148161235429666024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 08:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305708
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Aug 2023 08:24:16 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 28 Aug 2022 21:19:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1110
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		316 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
81442e6c23e46451d5031a7044fa9cb67b6009dde837c7591e3e052b38299123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2904
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
1bdf91c9f73e62f2a0499e2efe66e957221ecf73088494743ed7772d11544334

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Aug 2022 21:19:24 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 27 Sep 2022 21:19:24 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A726 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.246 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Aug 2022 21:19:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame D8EC 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7062c98fda4d3b0023264ee0eeb56825e6ad1154ca6f7c399b1219ba65cc82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=137702
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:25 GMT
expires
Tue, 30 Aug 2022 11:34:27 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
4af74786749085c54d8a69ac0890c09a52a238b14d5708734b3b907e796bbed8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
454
content-type
text/html; charset=utf-8
date
Sun, 28 Aug 2022 21:19:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 28 Aug 2022 21:19:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 9965 		532 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
70bf692e0c5e4895f38852bacda3c81c52e85f0655e6fd004b1f5a76bb89dd0e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Sun, 28 Aug 2022 21:19:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame EB56 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 28 Aug 2022 21:19:25 GMT
ETag
"623de86a-cf34"
Expires
Mon, 29 Aug 2022 21:19:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame CBF5 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661721559792
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame CB76 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Aug 2022 21:19:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame C869 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-41.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
49403
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sun, 28 Aug 2022 07:36:03 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 ba846255b240e8319a67d7e11dc11506.cloudfront.net (CloudFront)
x-amz-cf-id
HAxN56LxFs0CSj-xzM14HcuVqC_Cz3rOIP1Tnw19y5ey_U8Q3Jqf1A==
x-amz-cf-pop
MRS52-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
sd
us-u.openx.net/w/1.0/ Frame 9965
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 9965
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e62aa03-1100-4557-a9b0-7c8160baab44&ttd_puid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e62aa03-1100-4557-a9b0-7c8160baab44&ttd_puid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e62aa03-1100-4557-a9b0-7c8160baab44&ttd_puid=e3cd95fb-b833-7c5c-c57b-05d5d512f28e&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9965
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Ywvb3cCo8YMAALh8bV8AAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Ywvb3cCo8YMAALh8bV8AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 28 Aug 2022 21:19:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.23","key":"Ywvb3cCo8YMAALh8bV8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad320"}
X-SO-Ads-Time
3
X-SO-Key
Ywvb3cCo8YMAALh8bV8AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad320
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Ywvb3cCo8YMAALh8bV8AAAAA
Cache-Control
private
X-SO-HostName
m-ad320.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-IP
103.209.254.23
sd
jp-u.openx.net/w/1.0/ Frame 9965
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYwMgQAJ_KB0ks8ADsWuDgxPnc8AAAGC5lLctw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYwMgQAJ_KB0ks8ADsWuDgxPnc8AAAGC5lLctw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYwMgQAJ_KB0ks8ADsWuDgxPnc8AAAGC5lLctw
cache-control
no-cache
content-length
0
x-amz-cf-id
eCgPJI1MG_D0OBjhb7FYKA44VWZg3DG5E3zQGhTzVQ-0xMbeDjF4pg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9965 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZhMjQ2MzEtNzE0NC0yMmY4LWQwOWItNWY2YzFmZjAzY2Vl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9965
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP16w3iIWrYD9fImq9j_zb0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=1139310003802546&bg=!PzylPHjNAAYUOm8VNDo7ACkAdvg8Wss0DmZPbK5ISpf20XBQ1Ri3AZboeiCmYNL2oweTn6MNurpqMQIAAADnUgAAAAFoAQeZAtI6QkTHj8zI_naPZ1CloRXaqRf6ki8z1Sk1O_Luh8nqZpCZVdZfkcqeo3tg1rGubxpUOyd0sXatDxmJFkUbHlntKDNgLblg63Abi-EVnMWfSFpt-M5QOd39WZCoFFY-nWsd8Rtv5fxoljsEd4PxVA1vnmrhIaE4vTzLEAMfJoNmyfwS1bsimK5Q8yhF9kOYil_LGU_4BWw_hh5pZHwSmXOecDUSm3fuMs6V6jJV3H0xMzGxdT3uVvjOyFSP2eA1_mtahPE6ciDA1Z-ha7MnmrnGRYy4foeFZdxgqDvcoq2lXSoihgmlUr078x0AGM9F86TWdhfko_ch2kAvtue0p02cLZnngA3h8mU74A9j36cHinpQf5D6ziavW_DRW4VsZ_1OVQlkL20WMYwkKhFHedmq-VcgkJ76rSVZdplSNJ70INr0DGpH7woVRjLS-1fuwaZpK3VAhoeF1EcbNS2I3i-R7YCQK4UzZ3VJEZ7oyiDdDNK0hr5GNZbux06L1xM8py0RZnLLiQLvwNjlZtAYPRj9diDgBJS8hoDZoOV-WxC1CKqZ4DH5ywP36AWdkmfAfxtRfv6wgYJkRCwTIeiq-dOY6aaTjSHvzNdotERcbOJ49lzitV8GjIEIpjVe2JikybmTgBL8M6WQRovfy3URGiMVodi3R0x5MqxVu6T4cNQ5ZvV7WIStwKoPsI2BmEHeXG2IPOw2JzOmdGkuypiamesDtUi1JBf-3QjgVQEGdse2XepHYSdc8ojafAN3yP5Mh8Xr8j4VPVcA0qQsn9zQzZJGNxfHU59Chw8DYPo0c0f9owWs79wYZ-Myb90DE6T6t5_sxR4WZJKBmc60X2_D50Ax5kNAkmxggG77CocpFXXIL_HOKzwyEEq0m91Xa6YHKeWDyLJOclXs1WelvdEztl1RhhD1RHNrxR8I5aNSeSRR_PyYauZC74nIiluYZFYSSd3CvQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6033 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=300050850714559&bg=!mZqlmt7NAAYUOm8VNDo7ACkAdvg8WtiCx1v_ZdwGzOnlb-wsz02TD7mitaydWeEeKD4Yfwe9yqBVqwIAAAEUUgAAAAJoAQcKAA_OzQghiuQDGwS_Y6rtdhOZArqXXzc-ADEpVU70uClsKIMBxV4FnhU-63nVnYMwPrg6SXOeT-ppZAvf0jiirFSHN7nIt1xDFp6Wy1_P7oXUarOAqAG8jC3rg7Vw_4saY0EscCQuwM939Vh18Taji8wVByrQaNBhqM2mEBRJjMqxA6ZT6FB_d1Bg3qVvmMFtZ8jO1kKWtOaKdkvVquKDs_WydBJiUNu0trWm8g0wfTlQZx4jpoOcvgLtOZ4tqtnxzy_s5onsbvya8AnRq4yzisPZh4dhEhv3cQm_XC9j-Hal2As5udbglJD1dg853HNBAxfTXWl9A0sQ2wF2tivGKSYuAwfbxLalB6_HxkFbmefeSlKKN6Pj5aOEhFQk6uyBjeuNM8EI41hsR6q_cOHTXuqOzVNL8KOCz11nq8NglMyMw6_nJGf1pSlLww_lr5qFZbnO_ik8SpcNXGYpZctlZEnO6RH2QulUsrrJSKKiw_-mVJN8b6rZ-HihZu1RF6J8agi1wDwjSNnGN-Gf4efSwpgeIY_C8c770pQp6kq7bxd5i1Yh7rTFo_wXrTw9_-5wjdowGTlghIq3ygtJCc-StFRsbcUlKW0f4F-F6gSl4UErA-dVdUVLLnk9QOuxbko3F3o8h3ydCwWnTVXsxn9A8-5U85rEgkMKt0Wec0dL7_jA0dgjmHNgm7f8XchTTgy0bHBq38RZgPkj2jeRmr-JRzTrxanj8cAkFKfq5SGJFUN-aMU3Fe6LHf8BXlfo4Tr9JqM5_zVhJugOWz09GoDFEPv6-77S2nFlR3ORTSEkPOsPjM2FSA8faT9NDWyRDhx55KCvI-Ko772TVTO5bPYC3ztX3pNFlcuZBHxHvPSegQeGUfrMf2pFn-b_-waM5FwwAKM7iPkRQarqybrI4WJvj8GopFg42DDUCVkQYzaH203l3LtaffrpVsNnGGOFRw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F8D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=4299496234072682&bg=!dXaldjLNAAYUOm8VNDo7ACkAdvg8Wk9FNFE5oJKKxR3vOkobgHPN1eqS__VNyG0ZyQ5YLWVS5OwbPgIAAAD-UgAAAAJoAQeZAs8bzsBOJmEhjHBX6toIdV7ENaSIedkl0V7xn_64H36cs5NGBOrg1MEJFTsd5VFEAmJDjigAPMPu_f1NVlKVZAmkG6fCv952yekIYIyjsu273oIpkyQn0X03NrwNqoXQP9kdVhwE9TW3ps-xB-3T9PIsA41nKdUzROUpe5ZcWUsOnb8wFUodSXnJaZczYkp4cY_YqQ293UUw7Pz3NcxOBKBen3c8M5bCi_7iEBETGHDMIxAV4VC8wCq-FnlwWQD2anRapgJBajLjOTIjVJmwKG01MhXd0bIpi7qau-CllPfPxox3HQ33eF_9ek_FGen0iKpKXdQbJwPAPmqKU5JqwYMdK-rlrSjij3JYCZ_dre3rvmXJFipZQ9WfoZOBSMW9ctFkOl87YJuXGailIO2D_x-B1rrJZg42i9ftgsZ26bV7uVoof2lHAfAc5cckYJHHbhXw4uxfle3zmUNbvPD2D7BB3xPmC6zGM_oZHoy6uIK9-5ksPWlm35nzLmXSWr3p-EnRIEx2lPJZciSEEOiDsqlcbkzg7ct9Tv9-qsoy5OjM8NJ3WWHGxsSZj63yvyedouijULodIuer_9G6wI14d_FN_fBuQK_yYIfcvAY1Ilf5G0Xgky7WfournOvmstgGUGX1hVmV0Sx8zK6LvccPE10MeN3HZ9MDh4xT0VFhgEjkgUF6ZF4rewJMwHPlY9dP841jVRqazzTx7EvgedR9jAPgFOjFrv3kPYOQ8GrLnzd9dLs1YhomJE1nhDdqNz5rEoTs-AWayHaD32iGzcvQk3KIQidSIn7lC-PqzhMftQIYkI59inmaHbhSG1LUzqDX_WWRjjfGPfU8z9XPodhiu1Xz45MEFyLgAx4EZlDdS2jUT9ehU-jt9BYYK7tEsbX7iM-kWCkTaPh6oYlEdiM11GtFyxGqqk753cn0pLVCQVOC52beTeJfeuOKUUD2W1vUYQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FB0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=3438147721141787&bg=!YGOlYyfNAAYUOm8VNDo7ACkAdvg8WrXcw59qY_NZO_2PVy_XSxvqrwhOaSBEfMKqiVZQy2Ivd9R20wIAAADcUgAAAAJoAQeZAr2nRP17w-pTzsTCgXZv4090GX5ImOPWtp8h7VLi7sYGssTcD9dPVErLOAxHWsXDf3XDwn7dg2xmu8fqEWzUGAydQcOsOdez4wYXuunzgJHt4r0eukPm3IC4KkejO1OVZ_dVXFAspmS2KMlDcL0AkYNhLoII3HuORuokKC0hQZV3O1Bznc77A48-3dTLoZ-iKj5Ome_qpH2H4vX4Vd1c6SbtaHYuSwORtDb9wtcAicYF4IDD4MTqRWLCAVd9kr2Q1IfFZIYeCYc-KtzYc8fFHcEPEQdfS171b4yCNKgoz0lV0dsWo9lVhua9_rlBFvZz1buGmOIjAYz6lovuuI2T6mCzcxp20SD0YMDPrsUWPdy7S2197xsQkuJbG7kkWJ4RabbylXdE536Wdh5elJWBDOPHSNO_MjUTRFl4iU1DlxWK6bhxXFXtWQKVlH3BB_J5pHstthN-YqNejtBQ2I9EyEWGX9WGJA6U1Y9V_NTej8yKKCABhMHtL90nWo-dbDHxWKXZ97x-0KT6MxwHk_-QtIv-GLyfvP2ql6Db-urBjmQNPJRtoQ8YxvctCoi_oD7mHNE3AxsswHq_vC_ZevCUcr49OfXX6bXDdF0proUxnAbjORaAyU-iOH7RGAmkCa5jMeNdwcYT-wnTKn5Q5UZOuzD5jVwQMI0Hac2W-sumJWaInBsrVVb-pe-71-GWkQrTXqyTkSUULaD2Ta9t4C2odf4eF41LemC49wLE5J8-s_-K9jfM2xU5K_MSkJGpQkOswRs9zT5c0LButdHseQivxX8roHmLdWrDXKYprL3t46qJkYoazkrklsMHAdA6BNfZm7HW2bEF0A7lt7VRsU8ori94qtOcRq6I4siihD7UJJns9bSThU991wYqOF_RAlVgEuNVkVwn9jTbBiN_isIVx8fUkW14r2It8_lOgCJYWA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame CB76 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11561
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9377
Expires
Mon, 29 Aug 2022 00:32:06 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BAA7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa88875d5f2978f315dd728eca2dc2f1590d238f7b95c6c462237b7b36e34714

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
742015c94a693772-MEL
content-encoding
br
content-type
text/html
date
Sun, 28 Aug 2022 21:19:25 GMT
dropped-udsids
230|241|39|73|195|41|130|156
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9f6C24V9LJG%2BLSyG%2BeNxAaCwwBrv4daLoUg5IfdJpR5KdwHNxzm5UsIaFNlj2%2Biwak8sOHMSn70Utu7KLymO7vFPP5C1NdvAzMloAAUQ15w6XaIcH4OpPOQDsEYt2dOHC8ax8b4CNfZ%2FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
xuid
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=6e62aa03-1100-4557-a9b0-7c8160baab44&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=6e62aa03-1100-4557-a9b0-7c8160baab44&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=6e62aa03-1100-4557-a9b0-7c8160baab44&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMDqGdTwe6vPvJST5ZeBHcY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMDqGdTwe6vPvJST5ZeBHcY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMDqGdTwe6vPvJST5ZeBHcY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB83
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE1MzI3MDIxOTY5NDExNzYyNzAyOQ%3D%3D
date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame FB83
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4153270219694117627029&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4153270219694117627029&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1&_expected_cookie=00927e8...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1&_expected_cookie=00927e8535f8c4f45a8088709c0b6201
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
742015d05f8617ce-MEL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=87a0bead-f911-49bf-83b1-edbb79239dad&_noobservation=1&_expected_cookie=00927e8535f8c4f45a8088709c0b6201
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
742015cf3e8a17ce-MEL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4153270219694117627029&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a1cd311a-9479-45b8-8de4-b816fbc2c133&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame FB83 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4153270219694117627029&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9EECA5BCBD1248B18F47EFCBC17ACBC1 Ref B: MEL01EDGE0716 Ref C: 2022-08-28T21:19:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4153270219694117627029?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-JuZYFUZE2oTz2hcaT8VVHg15iPcd8a2qXCw30KkM.w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-JuZYFUZE2oTz2hcaT8VVHg15iPcd8a2qXCw30KkM.w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 28 Aug 2022 21:19:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-JuZYFUZE2oTz2hcaT8VVHg15iPcd8a2qXCw30KkM.w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame FB83
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4153270219694117627029
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4153270219694117627029&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4153270219694117627029&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MHV076R6KC2PV7SR2H4X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4153270219694117627029&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FB83
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBIEC32JONBWO...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xPAoIsCgnUhcN9G38svy
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xPAoIsCgnUhcN9G38svy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xPAoIsCgnUhcN9G38svy
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
gum.criteo.com/ Frame D8EC 		61 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1384
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 3696
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Aug 2022 21:19:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 28 Aug 2022 21:19:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame C12C
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Drkt%26refUrl%3D%26vid%3D172156561830472316515319460...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=rkt&refUrl=&vid=17215656183047231651531946000V10&ovsid=1972084067056602999
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=rkt&refUrl=&vid=17215656183047231651531946000V10&ovsid=1972084067056602999
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 28 Aug 2022 21:19:27 GMT
expires
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 28 Aug 2022 21:19:27 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=rkt&refUrl=&vid=17215656183047231651531946000V10&ovsid=1972084067056602999
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78C4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113852
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 30 Aug 2022 04:56:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dapx%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=apx&refUrl=&vid=17215656183047231651531946000V10&ovsid=3612964200180168013
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=apx&refUrl=&vid=17215656183047231651531946000V10&ovsid=3612964200180168013
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:25 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:25 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:25 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3cb98d6d-0381-4752-b6b7-fb37ec31dab8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=apx&refUrl=&vid=17215656183047231651531946000V10&ovsid=3612964200180168013
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3047231651531946...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=opx&refUrl=&vid=17215656183047231651531946000V10&ovsid=2be1fc64-1333-46bc-a634-7bbb67fd6052
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=opx&refUrl=&vid=17215656183047231651531946000V10&ovsid=2be1fc64-1333-46bc-a634-7bbb67fd6052
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:25 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:25 GMT

Redirect headers

date
Sun, 28 Aug 2022 21:19:25 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3047231651531946000V10&type=opx&refUrl=&vid=17215656183047231651531946000V10&ovsid=2be1fc64-1333-46bc-a634-7bbb67fd6052
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame D8EC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dr1%26refUrl%3D%26vid%3D17215656183047231651...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dr1%26refUrl%3D%26vid%3D17215656183047...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8243816866
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
date
Sun, 28 Aug 2022 21:19:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe5a3c33be27c4690bcbb2a21b8ec33b8004
content-type
text/html
cksync
cs.media.net/ Frame D8EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NzIzMTY1MTUzMTk0NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKgiKj8ayvo_mjAFpsg5utE&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKgiKj8ayvo_mjAFpsg5utE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.213.140.31 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKgiKj8ayvo_mjAFpsg5utE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Ddxu%26refUrl%3D%26vid%3D17215656183047231651531...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Ddxu%26refUrl%3D%26vid%3D17215656183047231...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=dxu&refUrl=&vid=17215656183047231651531946000V10&ovsid=Pr3JOiBj1OspGK5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=dxu&refUrl=&vid=17215656183047231651531946000V10&ovsid=Pr3JOiBj1OspGK5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:25 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0cf8f9c17275f6f13@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=dxu&refUrl=&vid=17215656183047231651531946000V10&ovsid=Pr3JOiBj1OspGK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0069af59-2f00-44bb-bc06-080891483741
45 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0069af59-2f00-44bb-bc06-080891483741
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0069af59-2f00-44bb-bc06-080891483741
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1811794
content-length
0
expires
Sun, 28 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Df114f8fa-a65c-4aa6-ad4c-32818ddf10...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460&expires=30&ssp=medianet&bsw_param=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sun, 28 Aug 2022 21:19:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dzem%26refUrl%3D%26vid%3D17215656183047231651531946...
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLYKBAW6SLTINTW4VLIMNHDSRZTHBZXM...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=xPAoIsCgnUhcN9G38svy&refUrl=&type=zem&vid=17215656183047231651531946000V10&vsid=3047231651531946000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=xPAoIsCgnUhcN9G38svy&refUrl=&type=zem&vid=17215656183047231651531946000V10&vsid=3047231651531946000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:27 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=xPAoIsCgnUhcN9G38svy&refUrl=&type=zem&vid=17215656183047231651531946000V10&vsid=3047231651531946000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame D8EC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3047231651531946000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3047231651531946000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=e8569581-5318-4780-946c-2d4219110e28&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=e8569581-5318-4780-946c-2d4219110e28&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:27 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=e8569581-5318-4780-946c-2d4219110e28&cs=1
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame D8EC 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Demx%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.58.250 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame D8EC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e62aa03-1100-4557-a9b0-7c8160baab44
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.213.140.31 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e62aa03-1100-4557-a9b0-7c8160baab44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
v1
ads.yahoo.com/cms/ Frame CB76
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7DU41EK-1I-GX9S&sigv=1&esig=2~c4d20b1ec7182b8747215cf34221cc0b2d30a587
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7DU41EK-1I-GX9S&sigv=1&esig=2~c4d20b1ec7182b8747215cf34221cc0b2d30a587
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H2
Server
119.161.10.11 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7DU41EK-1I-GX9S&sigv=1&esig=2~c4d20b1ec7182b8747215cf34221cc0b2d30a587
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CB76
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nBzg17TKQHa5i1ub8rzn4Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nBzg17TKQHa5i1ub8rzn4Q
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nBzg17TKQHa5i1ub8rzn4Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Server
52.95.122.74 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MR817AH0TXA46PJ8SQMH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nBzg17TKQHa5i1ub8rzn4Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CB76
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ItXldLEKbRdJh5UjVZWU_Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3419413765746984040
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3419413765746984040
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Content-Type
image/gif

Redirect headers

date
Sun, 28 Aug 2022 21:19:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3419413765746984040
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame CB76
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e62aa03-1100-4557-a9b0-7c8160baab44&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e62aa03-1100-4557-a9b0-7c8160baab44&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e62aa03-1100-4557-a9b0-7c8160baab44&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame CB76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIYrZ1Ohp7LVcNya4OVaqO8&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIYrZ1Ohp7LVcNya4OVaqO8&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIYrZ1Ohp7LVcNya4OVaqO8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CB76
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zGvJMriARI2RtgM1RblDFw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zGvJMriARI2RtgM1RblDFw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zGvJMriARI2RtgM1RblDFw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
832QSEG9X3JGDBWPS7W7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zGvJMriARI2RtgM1RblDFw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CB76
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdEVTQxRUstMUktR1g5Uw==
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdEVTQxRUstMUktR1g5Uw==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdEVTQxRUstMUktR1g5Uw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CB76
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE1NmZkZGE4OWU4NGFmN2M5NGYzZTg5Njc0YmI3NzBmZmZiYTQyOA
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE1NmZkZGE4OWU4NGFmN2M5NGYzZTg5Njc0YmI3NzBmZmZiYTQyOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWE1NmZkZGE4OWU4NGFmN2M5NGYzZTg5Njc0YmI3NzBmZmZiYTQyOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame EB56 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:25 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3fa01f2-44ff-4d81-a677-6860e88d7b41
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015cbfcf73772-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWHkq7DT2yN0rCWXg5Uc%2F9XeWbFF0%2FBWjBbZfO8ZRp%2B9CA%2B5uC487U0IhN0aXFIOq7VNhxLFHfEmoSPVa2n9g3qouGi59AiEGpHOCjeExr3bhgoP8VX%2Bdx6j98wIeEKJqzbTs1nN8beqRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGkES_KrYMaPxv3at8uvlkU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BAA7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0HS8WJ565KNQ95JG3K56
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JKYZGPFXZMA04PTF5GNK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e62aa03-1100-4557-a9b0-7c8160baab44&expiration=1664313565&gdpr=0&gdpr_consent=
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e62aa03-1100-4557-a9b0-7c8160baab44&expiration=1664313565&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015cb8fa55a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AWWsKI1KAOAF%2FX0B1F%2FuCWRlUIAF0kfCl41gtbCrRjmlKLYp5jZo4SxIkYh9KYki89XoTKf2GMWLiA5BhTQXIqPm6XFEVyAfHZ9F1kDU48CfDC4yJqlTQNO0bNutWCfSAbasoo%2FxYb4qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e62aa03-1100-4557-a9b0-7c8160baab44&expiration=1664313565&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BAA7 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.138.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-138-76.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63c69843-30ba-4deb-bd91-84f0af7ed1c2
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63c69843-30ba-4deb-bd91-84f0af7ed1c2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d09e445a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiBNjwnqHlhxBVHwXps%2Bwd%2B6zRqZ9dP85yXwEJg9YZhIdzzhBpYfWo4US%2FvfUQFGB06CFWk7609Auk1p0X%2BKbDg2cQ7gE0cUjjh2duhPK7yBHZ9nxiYZVe5pxJxMXxOSzBAuurtuZy9dAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63c69843-30ba-4deb-bd91-84f0af7ed1c2
date
Sun, 28 Aug 2022 21:19:26 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=186419c4-2717-11ed-81cb-cf971f131576
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=186419c4-2717-11ed-81cb-cf971f131576
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d0be755a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5ZxdJnbHQT%2Blb6E7zs0ehUY3993uPt%2Bbc3CRqCcoEIKUwMpzbWCPlYEkt8FvWquhQgEj72KX5VMnYJJx5UKQE3iUc7D2rAKuYRJTbBv%2FT9WphzL9IcsRKmXnfg7pfEuoVaSM5JSCNRiYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=186419c4-2717-11ed-81cb-cf971f131576
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
aws-apsoutheast1a-delivery-1
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKsKE7GF7gAAA6mr2G1sQ&expiration=1662931167
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKsKE7GF7gAAA6mr2G1sQ&expiration=1662931167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d2d9535a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI%2B82X989EXXUgkNXfNRnMx6M9kSONDAveaFq%2F5fMhz2WoOAXALwslMC55iUN9sK6VMmXyXPvd62BeW9DOK06h7u5wW1gFVQYcYSRTerOWDVIIUnEVPi%2Fa4AEhqSMuAn396U2AWLnuvgZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKsKE7GF7gAAA6mr2G1sQ&expiration=1662931167
Date
Sun, 28 Aug 2022 21:19:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum.casalemedia.com/ Frame BAA7
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=eef0d3f2-0416-40f0-9dc1-f143305712f3
43 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=eef0d3f2-0416-40f0-9dc1-f143305712f3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d20ab9fe99-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpfJTitY9ZvHyvxc9J5n4NqcSJxI5QCta1mvk%2BI19j5KakbbjNIjNcKehMGszUpZzDHoaXbt%2Fm%2BIBAzrB3c5ZVsZV58BTZd%2FmjnR7ZS71izBPZ9tgt5R%2F6qj7uXzO1m%2FwifwlO1K"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

X-ServerName
track007-sjc
Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:15 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=eef0d3f2-0416-40f0-9dc1-f143305712f3
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame BAA7 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Ywvb2fifO9Odw.d0VttCDwAA%26862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
HIT
age
49
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"da1f1d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
742015cc0f3d5a8b-MEL
expires
Mon, 29 Aug 2022 01:19:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAD0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113852
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 30 Aug 2022 04:56:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 9B6F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.197.118 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
94dbd185aea4c93bcfd6037b0f6eda7bb7fc1dbb633ecc723193c7f51e7bf840

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 28 Aug 2022 21:19:26 GMT
etag
W/"0a6b4468b66a75328cd804c7b4fcb6a00"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7D85 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 63FF 		694 B
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ad1b1530db8f11d65e335b21054c27bfef9b2915b6d3ae173c7a2ea182c88b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
694
content-type
text/html
date
Sun, 28 Aug 2022 21:19:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4185 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3854b3bc27286bb7a89116ef81e054423018136296cb2e867e24042e81ced13a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
742015cb2c173772-MEL
content-encoding
br
content-type
text/html
date
Sun, 28 Aug 2022 21:19:26 GMT
dropped-udsids
46|3|4|206|130|90|241|176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v87y3WhnnxU5MRWBTDV7l2twMlHHKoTkFyCuHCc2k3xKcuPm747O%2BoQ%2Bx1QDa0oZe3H%2BHMInSkvmYRSdrPq3OW%2FHIM2GYgDTDQE2PyaUWPMsJ5lzwkYR4sdd1IXfgs5tYuJcfxXHXUZa7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E16E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:26 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 28 Aug 2022 21:19:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame C869
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7DU41EK-1I-GX9S&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7DU41EK-1I-GX9S&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
3.229.251.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7DU41EK-1I-GX9S&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3612964200180168013
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3612964200180168013
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
18b39e7e-c141-4fda-bc26-950caaf20ffc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=3612964200180168013
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FOS_DRZHV9dqWrtqShi1abO6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FOS_DRZHV9dqWrtqShi1abO6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FOS_DRZHV9dqWrtqShi1abO6
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FOS_DLZHM4q9jnWASeyi_Dzw
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FOS_DLZHM4q9jnWASeyi_Dzw
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 28 Aug 2022 21:19:26 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FOS_DLZHM4q9jnWASeyi_Dzw
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2ZkOGUyZjUtMzY3MC00ZWQwLWIzMzYtMGNmM2IwM2ZhODk3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yOFQyMToxOToyNi45NTA1MThaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2ZkOGUyZjUtMzY3MC00ZWQwLWIzMzYtMGNmM2IwM2ZhODk3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yOFQyMToxOToyNi45NTA1MThaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2ZkOGUyZjUtMzY3MC00ZWQwLWIzMzYtMGNmM2IwM2ZhODk3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yOFQyMToxOToyNi45NTA1MThaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
usersync
usersync.gumgum.com/ Frame C869
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661721566715
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8248891708
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
date
Sun, 28 Aug 2022 21:19:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe5a3c33be27c4690bcbb2a21b8ec33b8004
content-type
text/html
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1921700045503418964
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1921700045503418964
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1921700045503418964
Date
Sun, 28 Aug 2022 21:19:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=7fd949bf-675e-4dde-95b0-2bdab49806f3
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=7fd949bf-675e-4dde-95b0-2bdab49806f3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-40
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=7fd949bf-675e-4dde-95b0-2bdab49806f3
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame C869
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F473%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dc020465a-5a4e-4adb-a4ac-6bead996d320%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F473%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dc020465a-5a4e-4adb-a4ac-6bead996d320%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
date
Sun, 28 Aug 2022 21:19:26 GMT
server
ATS/9.1.10.25
age
1
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame C869
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1hYjljNTYyNS05MmNhLTNjMDEtYThhNy0zNWE5MGJiZDUxZTcqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkP...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dappnexus%26cbx%3DaHR0cHM...
  • https://prebid.a-mo.net/cchain/0/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d3...
  • https://prebid.a-mo.net/cchain/1/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWX...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a...
  • https://prebid.a-mo.net/cchain/3/6?gdpr=&gdpr_consent=&us_privacy=&A=c020465a-5a4e-4adb-a4ac-6bead996d320&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%...
0
0
sync
ads.servenobid.com/ Frame C869
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
date
Sun, 28 Aug 2022 21:19:26 GMT
server
ATS/9.1.10.25
age
1
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4185
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3612964200180168013
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3612964200180168013
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d36a655a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RBVTnpALbKpKItHTxkG6Fs48lXxc133gMqZhSmdp4zDk7uUwHhVCuDtLJAuZNdiZqGTh59yDhoc3EBNV7%2FvjF8NfcQYklxU850XYM0hF8hIhjb4mY0RkROXDKjt%2FVr6uB5ZLAa93%2F535Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
830b58d0-f966-4369-891b-451a2b6018c5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3612964200180168013
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4185
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015ce0aa45a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyCg3BnMqf447JNRmHJLasFJGuwiDKYrH%2B9UeB9gGmg89k9jt8XA36uIPxYT3OqT7getXZJ2UySO81Y21imt%2FzbNPbz7SMzA4uZCHSE4kC8hQjKdRl%2BOHC55AD9XtQjgRq7ygerdeXHDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sun, 28 Aug 2022 21:19:26 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84fa630b-dbd9-4d00-b5d5-397227d1a460
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Aug 2022 21:19:25 GMT
rum
dsum-sec.casalemedia.com/ Frame 4185
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3369155634498770692
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3369155634498770692
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015ce0ab15a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ4Uf5MFC%2FXdZfyPHDT5rcaPmCSUd%2BQZVkcjjzpCFy0kDKNxslSn50mGowoQuYCvlrZZToWmYTtC43qGnKu7Qp6cfMlMQ%2Fgktqe3Ya1xdfdF%2BPto62k4A%2BGGmVEiZNFwxRfxXhjNWYQ%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3369155634498770692
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4185
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.221.138.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-138-76.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
date
Sun, 28 Aug 2022 21:19:26 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4185
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAg8E7GF7gAAA8KvkJmxw&expiration=1662931167
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAg8E7GF7gAAA8KvkJmxw&expiration=1662931167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015d33a165a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7LhREN8WoLD%2F8C7jgIqQSbh3ZedSfR6Z0Y2Pr7OG%2BYfg9kKnujcXLM10GChLMEoWciHfEoobmoAA2ujDeqC2b%2Ba%2BRH1IW1GKZYz7o%2BeumHyIMwCFuRNK53BCja4D576gYMHB9a%2Fh4H2uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAg8E7GF7gAAA8KvkJmxw&expiration=1662931167
Date
Sun, 28 Aug 2022 21:19:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 4185
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=44CD1B8CE5F8492FB0A28F9ECD8170E7
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=44CD1B8CE5F8492FB0A28F9ECD8170E7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
742015ce4b105a7f-MEL
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN0GcoFgGgLCX9xvQvdkepf1lVRn6pbLpP3spor3I4ATIV1wdNXhxpcCb244eQk9wsiyE9ugKoPC8bPk0igXcv%2F%2F5feAFqBRxuBfYkYfOcsLX2dE%2FTR8WEsOiGV65P1hzJ7Px266VHn1HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 28 Aug 2022 21:19:26 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=44CD1B8CE5F8492FB0A28F9ECD8170E7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 27 Aug 2022 21:19:26 GMT
dcm
s.amazon-adsystem.com/ Frame 4185
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EQF71TP3TP0DH7QJD14T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1FJHM2XYDH03WEJ59VRN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 4185 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-length
0
server
b
sync
ads.servenobid.com/ Frame 4185 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 78C4 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19179594&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecfe41d684fa6bc2fffae2f04dab34b864b00445a7ce048034f5f9f38f14e55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 3696 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=11560
content-type
text/html; charset=UTF-8
content-length
9377
expires
Mon, 29 Aug 2022 00:32:06 GMT
usync.js
eus.rubiconproject.com/ Frame E16E 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=11560
content-type
text/html; charset=UTF-8
content-length
9377
expires
Mon, 29 Aug 2022 00:32:06 GMT
sync
ads.servenobid.com/ Frame 63FF 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6836486443982208980&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 63FF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=DTxuxCwAw4iZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=DTxuxCwAw4iZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=DTxuxCwAw4iZ&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
redir
rtb-csync.smartadserver.com/ Frame 63FF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAg8U7GF7gAAA8KvkJmxw&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAg8U7GF7gAAA8KvkJmxw&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAg8U7GF7gAAA8KvkJmxw&gdpr=0
Date
Sun, 28 Aug 2022 21:19:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 63FF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=d1el1iUG8YxsVfPSdwC4jHRco4VsBfHWJVXl2pP_
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=d1el1iUG8YxsVfPSdwC4jHRco4VsBfHWJVXl2pP_
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=d1el1iUG8YxsVfPSdwC4jHRco4VsBfHWJVXl2pP_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
1000.gif
id.rlcdn.com/ Frame 63FF
Redirect Chain
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCN-3r5gGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCN-3r5gGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 28 Aug 2022 21:19:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCN-3r5gGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 3696
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7DU41EK-1I-GX9S
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7DU41EK-1I-GX9S
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7DU41EK-1I-GX9S
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sun, 28 Aug 2022 21:19:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sun, 28 Aug 2022 21:19:26 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L7DU41EK-1I-GX9S
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
sync
ads.servenobid.com/ Frame E16E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L7DU41EK-1I-GX9S
  • https://ads.servenobid.com/sync?pid=323&uid=L7DU41EK-1I-GX9S
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L7DU41EK-1I-GX9S
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L7DU41EK-1I-GX9S
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3612964200180168013
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3612964200180168013
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e93c6458-571f-4e79-8f83-24dd9dda42ad
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=3612964200180168013
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_610e5759-624d-4c39-8408-9ef5916d0fe0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1a130944-7064-46ff-ad28-4a4d716baf58&ssp=gumgum2&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980564319547&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804257005052207&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980564319547&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=f114f8fa-a65c-4aa6-ad4c-32818ddf1088
Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 9B6F
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28xorzk6B3lHFuTMjZMwZw5TEBmXWyEI9K0uVLZcFHlNxT54_03950f5JHXGgD8X_L%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_610e5759-624d-4c39-8408-9ef5916d0fe0&obuid=ENC(xorzk6B3lHFuTMjZMwZw5TEBmXWyEI9K0uVLZcFHlNxT54_03950f5JHXGgD8X_L)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e62aa03-1100-4557-a9b0-7c8160baab44
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
66.225.223.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
no-cache
X-TraceId
64e220fe8aef1665dd0b9181810d8dd7
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e62aa03-1100-4557-a9b0-7c8160baab44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=14f0318b-9026-440a-a200-15381d42f3c8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=14f0318b-9026-440a-a200-15381d42f3c8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=14f0318b-9026-440a-a200-15381d42f3c8
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bd816307-0492-490d-74d6-e68aa26e95a6$ip$103.209.254.23
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bd816307-0492-490d-74d6-e68aa26e95a6$ip$103.209.254.23
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bd816307-0492-490d-74d6-e68aa26e95a6$ip$103.209.254.23
Date
Sun, 28 Aug 2022 21:19:26 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JhD7RNFE2pf0I9laIvpqaPxIVabllvSVmIRV~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-JhD7RNFE2pf0I9laIvpqaPxIVabllvSVmIRV~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sun, 28 Aug 2022 21:19:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-JhD7RNFE2pf0I9laIvpqaPxIVabllvSVmIRV~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a346ca98-1097-4cf9-85bd-0b31f9131484
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a346ca98-1097-4cf9-85bd-0b31f9131484
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a346ca98-1097-4cf9-85bd-0b31f9131484
Date
Sun, 28 Aug 2022 21:19:27 GMT
X-CI-RTID
0e4f0f33-af6e-49f5-b69a-c3adb0adb1a6
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9B6F 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
950367221
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9B6F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_610e5759-624d-4c39-8408-9ef5916d0fe0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=xPAoIsCgnUhcN9G38svy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26CQIFXUS42DM5XFK2DDJY4UOMZYON3HS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=xPAoIsCgnUhcN9G38svy&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=xPAoIsCgnUhcN9G38svy&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=xPAoIsCgnUhcN9G38svy&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=189553ca-d53d-49b6-a12c-9f8ff48b699e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=189553ca-d53d-49b6-a12c-9f8ff48b699e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=189553ca-d53d-49b6-a12c-9f8ff48b699e
date
Sun, 28 Aug 2022 21:19:27 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1661721566814
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8261123244
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
date
Sun, 28 Aug 2022 21:19:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe5a3c33be27c4690bcbb2a21b8ec33b8004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Xu9LgtoR4mMk&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Xu9LgtoR4mMk&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=Xu9LgtoR4mMk&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-757659594-5pd8p
expires
-1
usersync
usersync.gumgum.com/ Frame 9B6F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6836486443982208980
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6836486443982208980
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6836486443982208980
date
Sun, 28 Aug 2022 21:19:26 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9B6F 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_610e5759-624d-4c39-8408-9ef5916d0fe0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.151.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-151-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 7BF6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:26 GMT
Expires
Sun, 28 Aug 2022 21:19:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x8 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 6F11
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
  • https://usersync.gumgum.com/usersync?b=atm&i=Ywvb3wAJ1ZmpyAAK&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Ywvb3wAJ1ZmpyAAK&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Ywvb3wAJ1ZmpyAAK&gdpr=0&gdpr_consent=&_test=Ywvb3wAJ1ZmpyAAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11236-MEL
x-timer
S1661721567.363200,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4D33 		170 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82MTBlNTc1OS02MjRkLTRjMzktODQwOC05ZWY1OTE2ZDBmZTA=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 534D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113852
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 30 Aug 2022 04:56:58 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0359
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=6e62aa03-1100-4557-a9b0-7c8160baab44
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 28 Aug 2022 21:19:26 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=6e62aa03-1100-4557-a9b0-7c8160baab44
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame EFC6 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.58.250 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 28 Aug 2022 21:19:26 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 42E8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Ywvb3sCo8YMAALh8bYIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Ywvb3sCo8YMAALh8bYIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 28 Aug 2022 21:19:26 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Ywvb3sCo8YMAALh8bYIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
52
X-SO-HostName
a-ad40166.dc2p.scaleout.jp
X-SO-IP
103.209.254.23
X-SO-Key
Ywvb3sCo8YMAALh8bYIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":52,"gdpr":false,"ipv4":"103.209.254.23","key":"Ywvb3sCo8YMAALh8bYIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40166"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40166
usersync
usersync.gumgum.com/ Frame 1049
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Ywvb2fifO9Odw.d0VttCDwAA%26862
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Ywvb2fifO9Odw.d0VttCDwAA%26862
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
742015cfb8bd3772-MEL
content-length
0
date
Sun, 28 Aug 2022 21:19:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Ywvb2fifO9Odw.d0VttCDwAA%26862
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V999Z7w%2B3ep1CQU%2ByiPtu5CVSWKX2MkJ0LiH8tYtbXFzKun4XV1rHuFoaK01a1xBfAEw%2BzFcf0l5FTxlz4cal1XxjinypzPiGKRElhL9TAVBz9bdqZx83fX1IYG1ACrbzo6gpwXItpUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7B8A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=DgIEBdIPGLXZXQUL9gIE&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=DgIEBdIPGLXZXQUL9gIE&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT Sun, 28 Aug 2022 21:19:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=DgIEBdIPGLXZXQUL9gIE&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2A38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 21:19:27 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 28 Aug 2022 21:19:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
event.png
tpsc-sgc.doubleverify.com/ Frame 3DF8 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-sgc.doubleverify.com/event.png?impid=cab5b940058a4bea841f3bca7ee603c5&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=2103&eoid=11&msrjs=2986&sdf=2&vit=2&isvelg=1&rmi=16&tltms=555&tetms=8&msltms=565&vltms=2103&sei=290&vetms=6&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=36&isumms=35&nvr=6&elmtp=6&isbxdms=4242&b0=229&b11=4310&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=4539&sftb=4539&msrdp=8&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=336&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1036&isuiabvms=1036&ispmxpms=1036&engalms=34&dvp_dpr=1&ttfurm=5134&cbust=1661721566716420
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2986.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
08/27/2022 21:19:27
event.png
tpsc-sgc.doubleverify.com/ Frame 95A1 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-sgc.doubleverify.com/event.png?impid=a8d58201fe14463b854198002381e76d&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1958&eoid=11&msrjs=2986&sdf=2&vit=2&isvelg=1&rmi=16&tltms=514&tetms=6&msltms=568&vltms=1958&sei=290&vetms=17&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=11&isumms=11&nvr=2&elmtp=6&isbxdms=4033&b0=4236&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=4236&sftb=4236&msrdp=8&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=336&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=10&dvp_dpr=1&ttfurm=4982&cbust=1661721566733471
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2986.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
08/27/2022 21:19:27
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E07 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutqhcvZuJaaNWbgIXVVh2VeBjBW4wCmrrzzIA9jUwAN3osrILSw4vC0d4np9-D0rTJ8C1GFAPDcB5paNFlYMpIG_ZRjRyCAF-cRA0OMQURp1iIAR1kFfjuFh5WeC_COtGEPT4&sai=AMfl-YQC1TxM_osOzYbOi0OTKHpy9wQt_dAbuuUT3sq75RA3NT8GLaw-xV698yplTN_mSNgC2ERC_Ccc6gWWEtal2d0LGSGnzpIZdERojdEU9IL58aNzGKJ5z0RCBXE&sig=Cg0ArKJSzO9aDM4p9EGmEAE&cid=CAASJORodyFabnU5M-vMKFc8a3aYSnA9rRAle823Xcgiy3cuy5mDVw&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661721562525&rpt=3238&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 49A3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZf5AVHWEstlIY4LZCtuqFVgJNVrNuNiuN_i2ot3OrvYEl0tKl77Slqd3MC9eJmSJQgy3xzFcABjTL-OFw-Dynq9a9LFj4TBqe2LHRlC-vrX2IOFa2BF1Zk_Jrc56N_5msGxM&sai=AMfl-YQAU1Y-hykuLCqTBFsXnkdJPgHh0ik7G0u8m9-HRQO6GVV77HSWqfdjKIFhvBAWjHhoXKtWqgvkkNKwHzeYtQMOBK56QQWB9aYd68zE7XgeP3_m1mr1nqHMyfE&sig=Cg0ArKJSzMOv5caoFj2FEAE&cid=CAASJORowo78beLJNivx0mPfnCSVszv3lxoJ4FElidKDP73c94FZUQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661721562536&rpt=3245&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EB56 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:26 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cc19e40-c7d8-4704-9f09-39a69a19f18e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8o0&_p=5149&cid=31152529.1661721562&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661721562&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&dt=%E9%99%B8%E9%85%8D%E7%AF%87%EF%BC%8D%E8%87%BA%E4%BA%BA%E6%84%9B%E6%8B%9C%E6%8B%9C%E8%B5%B0%E6%98%A5%20%E5%83%8F%E6%94%BE%E9%95%B7%E5%81%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 2BEC 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 28 Aug 2022 21:19:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1C5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
Sun, 28 Aug 2022 21:19:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84fa630b-dbd9-4d00-b5d5-397227d1a460&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 26AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ywvb3wADGacWZABN&gdpr=0&gdpr_consent=&_test=Ywvb3wADGacWZABN
1 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ywvb3wADGacWZABN&gdpr=0&gdpr_consent=&_test=Ywvb3wADGacWZABN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ywvb3wADGacWZABN&gdpr=0&gdpr_consent=&_test=Ywvb3wADGacWZABN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11236-MEL
x-timer
S1661721568.541376,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame FA25
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wumor5sk1xl
1 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wumor5sk1xl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 28 Aug 2022 21:19:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wumor5sk1xl
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 603A 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 80F9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 21:19:26 GMT
expires
Sun, 28 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1942644
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pxd
dps.jp.cinarra.com/ Frame 6C3B 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.84.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sun, 28 Aug 2022 21:19:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=aac1720807414abc910ece0cfdfee7ad
42 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=aac1720807414abc910ece0cfdfee7ad
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sun, 28 Aug 2022 21:19:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=aac1720807414abc910ece0cfdfee7ad
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame C7A3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr3JOiBj1OspGK5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr3JOiBj1OspGK5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 28 Aug 2022 21:19:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pr3JOiBj1OspGK5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-06f4f2a63ede655a4@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 03F1
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=IbFZEJ9cBFKSDhH239sLYw
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=IbFZEJ9cBFKSDhH239sLYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=IbFZEJ9cBFKSDhH239sLYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0817
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2469040282
  • https://sync.1rx.io/usersync/tradedesk/6e62aa03-1100-4557-a9b0-7c8160baab44
  • https://sync.targeting.unrulymedia.com/csync/RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 28 Aug 2022 21:19:29 GMT
etag
RXe5a3c33be27c4690bcbb2a21b8ec33b8004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e5a3c33b-e27c-4690-bcbb-2a21b8ec33b8-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame AC44
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=186419c4-2717-11ed-81cb-cf971f131576
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=186419c4-2717-11ed-81cb-cf971f131576
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:27 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=186419c4-2717-11ed-81cb-cf971f131576
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
aws-apsoutheast1a-delivery-1
server
Cowboy
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 92CE
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d1d7729d-16e1-4e2a-8cfb-37937b965e69-tucta05615f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d1d7729d-16e1-4e2a-8cfb-37937b965e69-tucta05615f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11236-MEL
x-timer
S1661721568.602753,VS0,VE130

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d1d7729d-16e1-4e2a-8cfb-37937b965e69-tucta05615f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11236-MEL
x-timer
S1661721567.409080,VS0,VE97
x-vcl-time-ms
97
Pug
simage2.pubmatic.com/AdServer/ Frame 8E2C
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
742015d44ed95a55-MEL
content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
cookiesync
core.iprom.net/ Frame 9B86 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 28 Aug 2022 21:19:28 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-d65b62e6d3fe@version_1.522v2
X-core-time
0ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame 75E8 		43 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
742015d32cf75ac8-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 28 Aug 2022 21:19:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame A525 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 28 Aug 2022 21:19:27 GMT
server
b
cksync.php
contextual.media.net/ Frame 969D 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3047231651531946000V10&type=pba&refUrl=&vid=17215656183047231651531946000V10&ovsid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sun, 28 Aug 2022 21:19:27 GMT
expires
Sun, 28 Aug 2022 21:19:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LZC1oOHmSGe08dGgGBXVAQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.207.180.199 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=113851
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 30 Aug 2022 04:56:58 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 78C4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDJEOTBCNUEwLUUxRTYtNDg2Ny1CNEYxLUQxQTAxODE1RDUwMRAAGg0I37evmAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=616937d12674ba6086d10bf1f2f0ad446a85742918fc897c068e9d83026897ef791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2MTY5MzdkMTI2NzRiYTYwODZkMTBiZjFmMmYwYWQ0NDZhODU3NDI5MThmYzg5N2MwNjhlOWQ4MzAyNjg5N2VmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2MTY5MzdkMTI2NzRiYTYwODZkMTBiZjFmMmYwYWQ0NDZhODU3NDI5MThmYzg5N2MwNjhlOWQ4MzAyNjg5N2VmNzkxNDI2YjU0MTdkY2UyMRAAGgwI4LevmAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ed277fbe-5e4a-4a99-9d1e-ee4a705c1d38
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=ed277fbe-5e4a-4a99-9d1e-ee4a705c1d38
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 21:19:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=ed277fbe-5e4a-4a99-9d1e-ee4a705c1d38
date
Sun, 28 Aug 2022 21:19:29 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=84fa630b-dbd9-4d00-b5d5-397227d1a460
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=84fa630b-dbd9-4d00-b5d5-397227d1a460
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 28 Aug 2022 21:19:27 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=84fa630b-dbd9-4d00-b5d5-397227d1a460
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Aug 2022 21:19:26 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ5MEI1QTAtRTFFNi00ODY3LUI0RjEtRDFBMDE4MTVENTAx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISttK5Zj2MYgIlvvMurd8o&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISttK5Zj2MYgIlvvMurd8o&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISttK5Zj2MYgIlvvMurd8o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:44CD1B8CE5F8492FB0A28F9ECD8170E7
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:44CD1B8CE5F8492FB0A28F9ECD8170E7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 28 Aug 2022 21:19:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:44CD1B8CE5F8492FB0A28F9ECD8170E7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 27 Aug 2022 21:19:27 GMT
2D90B5A0-E1E6-4867-B4F1-D1A01815D501
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 78C4 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2D90B5A0-E1E6-4867-B4F1-D1A01815D501?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.138.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-138-76.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e62aa03-1100-4557-a9b0-7c8160baab44
42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e62aa03-1100-4557-a9b0-7c8160baab44
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e62aa03-1100-4557-a9b0-7c8160baab44
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wOuDEpK610jb6dUWwLyeSMPghUHbudcSkunPslhL
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wOuDEpK610jb6dUWwLyeSMPghUHbudcSkunPslhL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wOuDEpK610jb6dUWwLyeSMPghUHbudcSkunPslhL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BUYzQPdE2uXavJhzjh_Ymgd_pOk3j5M-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BUYzQPdE2uXavJhzjh_Ymgd_pOk3j5M-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BUYzQPdE2uXavJhzjh_Ymgd_pOk3j5M-~A&gdpr=0&gdpr_consent=
date
Sun, 28 Aug 2022 21:19:27 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 78C4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f114f8fa-a65c-4aa6-ad4c-32818ddf1088&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528852980564319547&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=1a130944-7064-46ff-ad28-4a4d716baf58&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528852980564319547&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207540804257005052388&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980564319547&ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3612964200180168013&gdpr=0&gdpr_consent=
42 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3612964200180168013&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e02e2b4-1803-4442-9f9e-997d870c67f2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3612964200180168013&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8900026220164566207
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8900026220164566207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8900026220164566207
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3369155634498770692&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 28 Aug 2022 21:19:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3612964200180168013
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3612964200180168013
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:27 GMT
X-Proxy-Origin
103.209.254.23; 103.209.254.23; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9659c032-ee22-4ecc-94aa-6ac92613fcc0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3612964200180168013
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 78C4
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=43a752b64b3f2261&is_secure=true&networkId=17100&version=1&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNsRav5vpMwND4N8xAAAAAAA&expiration=1661807967&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNsRav5vpMwND4N8xAAAAAAA&expiration=1661807967&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNsRav5vpMwND4N8xAAAAAAA&expiration=1661807967&nuid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 78C4 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.174.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 21:19:27 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
usync.js
eus.rubiconproject.com/ Frame 2A38 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:27 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=11559
content-type
text/html; charset=UTF-8
content-length
9377
expires
Mon, 29 Aug 2022 00:32:06 GMT
usersync
usersync.gumgum.com/ Frame 2A38
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L7DU41EK-1I-GX9S
  • https://usersync.gumgum.com/usersync?b=mag&i=L7DU41EK-1I-GX9S
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L7DU41EK-1I-GX9S
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Aug 2022 21:19:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L7DU41EK-1I-GX9S
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 78C4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3047231651531946000V10%26type%3Dpba%26refUrl%3D%26vid%3D17215656183047231651531946000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BAD0 		695 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47644515&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
150bfac836b7233e6b0f9edc55cd319d2cdc47927d4fbe39dfd3bdd0602d0ae9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:19:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
695
content-type
text/html; charset=UTF-8
pm_match
um.simpli.fi/ Frame F12A 		0
0
setuid
x.yieldlift.com/ Frame 07C2 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame BAD0 		0
0
qmap
sync.crwdcntrl.net/ Frame BAD0 		0
0
generic
match.adsrvr.org/track/cmf/ Frame BAD0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1a130944-7064-46ff-ad28-4a4d716baf58%252C&gdpr=0&gdpr_consent=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F6%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc020465a-5a4e-4adb-a4ac-6bead996d320%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFoWWpsak5UWXlOUzA1TW1OaExUTmpNREV0WVRoaE55MHpOV0U1TUdKaVpEVXhaVGNxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlXSTVZelUyTWpVdE9USmpZUzB6WXpBeExXRTRZVGN0TXpWaE9UQmlZbVExTVdVM01nSUdFamdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10528852980564319547&ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&sInitiator=external&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2D90B5A0-E1E6-4867-B4F1-D1A01815D501&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1a130944-7064-46ff-ad28-4a4d716baf58%252C&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover number| ampAdSlotIdCounter function| setImmediate function| clearImmediate object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state string| currentState object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| ggeac object| google_tag_data object| google_js_reporting_queue object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| _qevents object| Criteo undefined| google_measure_js_timing object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

99 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQqLLLsq4wCgoIgQIQqLLLsq4wCgoI4gEQqLLLsq4wCgoI5gEQqLLLsq4wCgoIhwIQqLLLsq4wCgkICRCossuyrjAKCQg6EKiyy7KuMAoJCAsQqLLLsq4wCgoIjAIQqLLLsq4wCgkIXxCossuyrjA=
.aralego.com/ Name: sspid
Value: b1d33660-a84c-349a-86a8-147ce5e7e6a2
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: __gpi
Value: UID=0000092e96e42a41:T=1661721558:RT=1661721558:S=ALNI_MaNFV8HrbzSIXvLlBcdiTUBHrMkww
.doubleclick.net/ Name: IDE
Value: AHWqTUkFFIpA45g_6O1QKj671C8vv-EXu-1fOFnrAbEBOcuVdV7GSzAh1bDRdeOHagY
www.bg3.co/ Name: __AP_SESSION__
Value: 5fa3f647-3df0-40b9-bac3-f6713992a082
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 3061aaa2-11b4-43ab-9fad-cd3db135c173
.adpushup.com/ Name: ap_uid
Value: 13ed8e20-2717-11ed-8f59-000d3aa18564
.adpushup.com/ Name: ap_usid
Value: 13ed8e21-2717-11ed-8f59-000d3aa18564
.openx.net/ Name: i
Value: 3061aaa2-11b4-43ab-9fad-cd3db135c173|1661721559
.rubiconproject.com/ Name: khaos
Value: L7DU41EK-1I-GX9S
.prebid.a-mo.net/ Name: __amc
Value: 1_1661721559_1661721559
.a-mo.net/ Name: amuid2
Value: c020465a-5a4e-4adb-a4ac-6bead996d320
.prebid.a-mo.net/ Name: sd_amuid2
Value: c020465a-5a4e-4adb-a4ac-6bead996d320
.teads.tv/ Name: tt_viewer
Value: be5b9d1e-3da0-4297-82cb-42601bf5d8e5
www.bg3.co/ Name: qcSxc
Value: 1661721560039
.quantserve.com/ Name: mc
Value: 630bdbd8-1ff6d-85861-adbd1
.bg3.co/ Name: __qca
Value: P0-1516213821-1661721560036
.adnxs.com/ Name: uuid2
Value: 3612964200180168013
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPwSn^(!]tbPl1M>e)ZlrFUfJ+tGXxo@AH5XD?5H!3cV*IrK$!Oe?:wx)]5-!Mq^!Js3If)y3KL9D3I?+S(2Nl[
.casalemedia.com/ Name: CMPS
Value: 862
.smaato.net/ Name: SCM
Value: 55d788a4
.smaato.net/ Name: SCMg
Value: 55d788a4
.yieldmo.com/ Name: yieldmo_id
Value: g3c5b9dec46552992868%7C1661721561331%7C0%7C
.adform.net/ Name: C
Value: 1
.ad-m.asia/ Name: uid
Value: rASpMYCE2U
.yahoo.co.jp/ Name: XA
Value: 7qfbhb5hgnmup&sd=B&t=1661721561&u=1661721561&v=1
.yahoo.co.jp/ Name: XB
Value: 7qfbhb5hgnmup&b=3&s=13
.casalemedia.com/ Name: CMID
Value: Ywvb2fifO9Odw.d0VttCDwAA
.casalemedia.com/ Name: CMPRO
Value: 862
.adform.net/ Name: uid
Value: 8900026220164566207
.mathtag.com/ Name: uuid
Value: 84fa630b-dbd9-4d00-b5d5-397227d1a460
.mathtag.com/ Name: mt_mop
Value: 4:1661721561
.zemanta.com/ Name: zuid
Value: xPAoIsCgnUhcN9G38svy
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bd816307-0492-490d-74d6-e68aa26e95a6.pJV7mpMYJVobJp6mR67sSGNtnguQKdLyj76DMsGK8Hs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvYFjBwSSSQ101uaKom6VpmfR_hc.lcNFOdV%2FX%2BO7I%2BgKBGW27VpCbqvS21EncV8sfHh8GXA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661721562.1.0.1661721562.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.31152529.1661721562
.dotomi.com/ Name: DotomiTest
Value: 1603c0833113204e
.bg3.co/ Name: __gads
Value: ID=4bf5512d5143586a:T=1661721558:S=ALNI_Maz-1RGA5amZS_7p77cR_TEslV07w
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsrvr.org/ Name: TDID
Value: 6e62aa03-1100-4557-a9b0-7c8160baab44
ads.stickyadstv.com/ Name: UID
Value: f14bccb6c0bfaecd40724f5c93e3e25d
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEGqDHjOuzNjlvNNtZ7iVa-c
ads.stickyadstv.com/ Name: sessionId
Value: 3be167e0cffc95623ba86238b084c69
.tribalfusion.com/ Name: ANON_ID
Value: abntmIxlqLknJVsPUm7OD5EjYFeZcZcDkLtyPWhlDcZdWjfj0sa6o9aJmumOVVeF0ftZayeEPW6HpZdQacwQ2fM6avpHj
.bidswitch.net/ Name: tuuid
Value: f114f8fa-a65c-4aa6-ad4c-32818ddf1088
.bidswitch.net/ Name: c
Value: 1661721564
.bidswitch.net/ Name: tuuid_lu
Value: 1661721564
.spotxchange.com/ Name: audience
Value: 16de88c4-2717-11ed-85ca-195d36af0507
.yahoo.com/ Name: A3
Value: d=AQABBNzbC2MCEBTBoJm_QhHBJ2wqTEIVtQsFEgEBAQEtDWMVYwAAAAAA_eMAAA&S=AQAAAvvByzrYtkwggzmmJascrHM
.simpli.fi/ Name: suid
Value: 44CD1B8CE5F8492FB0A28F9ECD8170E7
.bidswitch.net/ Name: google_push
Value: AehlK4BexsKOxsohF5WDRaeHsarBnDTbVwfFuGNo1MEuqegba2nofwkbpis_lYqLXFfDzli35hOdYGj7dFTgJuaMvM8s_A-mokOhmog7gwV-o3QYX7sSSb3_Vqtzod8hm9vk6bEyMi9txBLbcnMA6yfma64
.turn.com/ Name: uid
Value: 3369155634498770692
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%226e62aa03-1100-4557-a9b0-7c8160baab44%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-28T21%3A19%3A24%22%7D
.openx.net/ Name: pd
Value: v2|1661721564|jElYiuvOiahI
.openx.net/ Name: univ_id
Value: 537072971|6e62aa03-1100-4557-a9b0-7c8160baab44|1661721565274555
.3lift.com/ Name: tluid
Value: 4153270219694117627029
.media.net/ Name: visitor-id
Value: 3047231651531946000V10
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYxNzIxNTY1fQ
.bg3.co/ Name: cto_bundle
Value: Li4I2185ekRFS1lwTmR3T2lLa2daeHlVbjdhZU1HdUxPJTJCU0N2Zkpoc3JYT3hGbkRXdTclMkJWVGxFMzNtN3NLVGpzMWlReDl2SEdtSDBLVUhhYjJYU1klMkZ5czFaeThucnV1NU1uaVFzRm1MTG5JS1lScyUzRA
.bg3.co/ Name: cto_bidid
Value: 7RbhuV91bjFBdWNrWDlHV0cxODduWktrM05uUDdLbG1XYmVIdTVqempQU05qSnhVRWhmMnFZNWZ1Ukc1MkMydFVmMTBCM1pjUnFwZnh0SGdtdldzWFFNZFV2QSUzRCUzRA
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI8q_dtaDRhDsQBRIWCgdydWJpY29uEgsIsvPQyaDRhDsQBRIVCgZjYXNhbGUSCwjGk4TIoNGEOxAFGAEgAygCMgsIxqyE87bRhDsQBTgBWgc4bTMzems0YAI.
.bing.com/ Name: MUID
Value: 0A40587918A76A6E06B74A7719D46B24
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-o
Value: 2be1fc64-1333-46bc-a634-7bbb67fd6052~~8
.media.net/ Name: data-a
Value: 3612964200180168013~~8
pool.admedo.com/ Name: tuuid
Value: bd13a21d-2815-47ce-b65b-009cb57a9626
pool.admedo.com/ Name: c
Value: 1661721565
.linkedin.com/ Name: li_sugr
Value: 87a0bead-f911-49bf-83b1-edbb79239dad
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&89861356-8a78-46ff-8a0a-cbd4d9dcae4b"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2701:u=1:x=1:i=1661721565:t=1661807965:v=2:sig=AQGZ8pmJvI-vyqOJQZlHDQbPKiWoQcdT"
.casalemedia.com/ Name: CMST
Value: Ywvb3WML294A
.casalemedia.com/ Name: CMRUM3
Value: 29630bdbdd05a00&b0630bdbde05a00&2d630bdbd905a0CAESEGHmZZCV-wEnZ1H6waHHmL8&82630bdbdea8c0&5a630bdbde05a0&c3630bdbdd05a00&9c630bdbdd05a00&49630bdbdd05a0&04630bdbde05a0&ce630bdbde05a0&e6630bdbdd2760&27630bdbdd0b40&f1630bdbde05a0&2e630bdbde05a0&03630bdbde05a0
.criteo.com/ Name: uid
Value: 0069af59-2f00-44bb-bc06-080891483741
.ads.pubmatic.com/ Name: KCCH
Value: YES
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.casalemedia.com/ Name: CMTS
Value: 834
.ladsp.com/ Name: cr
Value: 1
pool.admedo.com/ Name: tuuid_lu
Value: 1661721566
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~26ul:198o~26ul:175w~26ul"
.w55c.net/ Name: wfivefivec
Value: Pr3JOiBj1OspGK5
.media.net/ Name: data-c
Value: 0069af59-2f00-44bb-bc06-080891483741~~1
.media.net/ Name: data-c-ts
Value: 1661721566
.servenobid.com/ Name: pid_337
Value: y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
.servenobid.com/ Name: pid_339
Value: y-45yQxPdE2uEC.boVpA307e6Lte0NaMdNEklPESk-~A
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLg7t05k8xb9yKB0+A8/5OaUbawGEgDJHc1qHS39cw+TitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.smartadserver.com/ Name: pid
Value: 6836486443982208980
.media.net/ Name: data-ttd
Value: 6e62aa03-1100-4557-a9b0-7c8160baab44~~1
.media.net/ Name: data-bs
Value: f114f8fa-a65c-4aa6-ad4c-32818ddf1088~~1
.media.net/ Name: data-g
Value: CAESEKgiKj8ayvo_mjAFpsg5utE~~8
.servenobid.com/ Name: pid_312
Value: 3612964200180168013
.ladsp.com/ Name: smn_uid
Value: YN9h2OrX7XHR_A9C704RHw7Frg4MT50
.ladsp.com/ Name: lum
Value: CLe5y7KuMBIFCAMQ0AU
.servenobid.com/ Name: pid_333
Value: Ywvb2fifO9Odw-d0VttCDwAAA14AAAAB
.w55c.net/ Name: matchmedianet
Value: 5

5 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flu-pei-pian-tai-ren-ai-bai-bai-zou-chun-xiang-fang-chang-jia.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvbHUtcGVpLXBpYW4tdGFpLXJlbi1haS1iYWktYmFpLXpvdS1jaHVuLXhpYW5nLWZhbmctY2hhbmctamlhLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOW2vOg_jlMzQ1XL8vXTNhE&google_cver=1&google_push=AehlK4CsamMEM-omVlEqI8liV6lNVK6CducYJTDPUQH0TX6VJVW9Br9FqIKGnARkQcqme6dKaNDXGeRoi-j0C-F5wPvtvkMEXDSfNrp7XvZkfjRKDRBJVkQnAikUGyX4DtJYYuUlS9fgiXVl
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1658cca735c76dfbd679764915247b41.safeframe.googlesyndication.com
416221ae6b3c2437353cf534d3966fec.safeframe.googlesyndication.com
67f98774e159b14d066cf03f174c923b.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.bing.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cksync.yahoo.co.jp
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-42268595762681362673.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feedback.adrecover.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
r.turn.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-sgc.doubleverify.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
cm.adform.net
hb-api.omnitagjs.com
match.adsrvr.org
sync.crwdcntrl.net
uipglob.semasio.net
um.simpli.fi
x.bidswitch.net
x.yieldlift.com
103.229.10.211
103.229.206.240
103.229.206.241
103.231.98.194
103.231.98.195
103.231.98.197
103.71.26.125
104.16.88.20
104.18.12.76
104.18.18.126
104.18.19.126
104.18.98.194
104.19.173.108
104.211.156.162
104.254.151.120
104.254.151.68
104.26.3.91
104.69.148.168
107.178.244.193
107.178.254.65
119.161.10.11
124.146.215.50
13.107.21.200
13.107.42.14
13.115.216.134
13.227.254.11
13.250.207.233
13.251.132.205
13.251.219.40
13.33.33.86
13.33.33.91
13.33.88.20
13.33.88.29
13.33.88.36
13.76.45.37
132.226.63.138
139.162.23.100
142.250.4.155
142.251.10.154
142.251.10.157
142.251.12.103
142.251.12.132
142.251.12.94
142.251.12.97
145.40.89.200
151.101.130.49
151.101.193.44
169.197.150.7
169.44.180.92
172.217.194.132
172.217.194.139
172.217.194.154
172.217.194.156
172.217.194.157
172.64.152.245
172.67.71.254
18.138.18.111
18.155.68.53
18.161.111.41
18.180.125.109
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
183.79.249.252
185.184.8.90
185.84.60.29
195.5.165.20
198.8.71.128
202.131.200.84
209.191.163.209
209.58.171.197
23.106.127.52
23.106.127.53
23.207.180.199
23.207.180.23
23.207.180.246
23.207.181.47
23.213.140.31
23.213.140.75
23.213.141.184
23.52.171.154
23.72.44.183
23.9.185.218
3.115.174.50
3.121.135.16
3.229.251.39
3.33.220.150
34.102.253.54
34.107.148.139
34.204.58.250
34.239.50.221
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.213.109.249
35.213.12.39
35.213.93.179
35.227.202.26
42.99.140.144
42.99.140.161
50.116.239.135
51.79.234.101
52.18.151.34
52.203.149.43
52.220.84.85
52.221.138.76
52.223.2.229
52.46.128.147
52.54.63.203
52.74.162.2
52.95.122.74
54.174.78.62
54.178.84.241
54.179.176.90
54.199.197.118
54.238.120.71
54.238.123.46
54.36.238.155
64.120.88.131
64.202.112.31
64.38.119.27
66.225.223.63
67.199.150.81
67.199.150.86
69.16.175.42
69.173.158.64
69.173.158.65
69.174.120.107
72.34.250.75
74.118.186.45
74.125.200.132
74.125.200.156
74.125.24.149
74.125.24.154
74.214.196.131
8.43.72.97
84.17.37.44
89.207.22.140
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068394cc3c525fb851a17d0fd9fb980de631f29b323b0bf02409e34ce3dd24cb
06862d2bc2da67d85f660972bbb8cae05483b97c21ef9bfc1f44d675a8dfc78c
07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040
0962992388017b566b3a129965a7dcd3da217015293874236154b9d4613f176e
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
0a6653a907abc53275d34c1e2cbb235f289aed2f40d2d8cf7e5339ae00336f70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3c323830d360b2f92810a1dbe5f027c8bb39dbc5780c98bee9c348d1bddf6b
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1291438ee9166d9d7254827f8fdae6554411feda8025cf2d2abbed5315c18fdc
12b15a212021f57ae89bb223050732081156290c7aa7a0d5cbb5d9f93cffb9e2
136afffe89161266192c90c57591e40302f28d3f47eee53e83166a7432fb7cff
14aa6cd910470c45e7bef34a3d30697ac933bb897720960ae3a7972ed1bf1e50
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
150bfac836b7233e6b0f9edc55cd319d2cdc47927d4fbe39dfd3bdd0602d0ae9
16ddaec8fa914389399e7cdb920faf6124aa4690ec3184b0aca04d5721dba960
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bdf91c9f73e62f2a0499e2efe66e957221ecf73088494743ed7772d11544334
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21c037c88e7067307dd090bcd71acd5e8da13006e7a2af8eaa01654c1cb54de9
249a58bca9bdf418fbce36b5483f6958aeba464b74335e29c355dde3e02af60d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28234f5e3d21f705cd93f3b663661c4b6150bbd2a389a860ea3583c47fb5c3e2
2a86660bfa468d88b3d443f578874c69527e0b7f9124604d39c167ac37b61460
2ad0664b179d3514a9a01ab6b828140af6fb877def8104fab6027fd3ce49b89d
2c66c520d3192a771af6d41215a228381c2b6cb5ec7e44a51d748144edfee798
2fe5625677ac8e3068db3ad3677e9602b1860bfd1a0b3bf70ef4e99393c61cd4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3392a6ecf1271f7cba01119876184bacccc18766eb46b6c96cadf9837a5977e8
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36df198b5853cb6a659189147fadeb7e4a8939bce04a509d7cc8c8d77327ff17
371531d632510a9865c53ffe297c476b1e6a71423f21f913747932c72999a43b
3766c12d01684796a9e19d102a9697d212c63a61f756a16b4b14e93705847443
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3854b3bc27286bb7a89116ef81e054423018136296cb2e867e24042e81ced13a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d4cd398ffe3825f7dcd8dbb39d2ed4e4a6a7cab0903b86e70d8dd334a6e22ad
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e934bee240423c68eaa69829f612e231955b5fc9eba2ed94cbb36137e07f581
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3e54649083a54427fb6ec72d1935e15035bbdaa6e30f122bf70131eca494b1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
420aa7c1d96c4bec5287b97f5de519aed454b232b4fa2253cdab4eb5d081dc27
437827253be9aae724d5934271ebd00ef1307e13e5c5487b59a74d0cb098b7ab
457a533b7b4cb3bf5b4351eb231b5604ada74c8c2f571f768c2639b6150b265a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af74786749085c54d8a69ac0890c09a52a238b14d5708734b3b907e796bbed8
4b42045831eaf4d6ab1b08bc1955fca173e96cca218693f1adc3d4bb25f02510
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
4dc189b45c6485c80edecc3b8b60fdd033b1408ec6e11fa940f4ac977a8d8904
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f55b782e0d266e744eaeabd954db9e0221284265c264097206f7bcef361c1e6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5279582c53093402180b85ad5d8f02980c6f6fc41a0c523d446b3c3362898bc4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54ef1989cbb78a9ad68eed6ed7c2b4ba93c087812d1d17111513219ec497e8df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
584bf0f0deea2e87ea7403a1e90d82cea34d44a0df87c84bf2622afcd90549ba
59a8fe87c26e8ecbd54a5a4bb5c5d55702a9da3b821d1254f12efb9ddcf05dd1
5b116cfe12df589b52bd78e7b2213f2bdb575d73be0dcc19738840700f824b41
5c1130fc2214e244090aac5c8702112d7bcc3b55a3f162de33c02b52b6e4ef91
5c6e81664d4eceb22dec97dcfdf650d9043fe61c43c6a0bcfb8cb545a3bb6317
5caddb72b6758964e28f80f32ee62aeef3256b213580211dcd00db96021ba6eb
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
5ecfe41d684fa6bc2fffae2f04dab34b864b00445a7ce048034f5f9f38f14e55
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
5f8d71069d619040e5ea451d199616bf459fb1ebc73e2e5a5ade04b3c0f6d405
60ad1b1530db8f11d65e335b21054c27bfef9b2915b6d3ae173c7a2ea182c88b
61b86c2e52c7823c24186ad10b90e606014e5224f138f5f01a644c89548a188d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6830f1891c68ef50ff7256cc940cf152f6f8c48565d2dc56193b3091c6f46151
6908c32c745a63c87a7d98587ee1e002e3e2f108bb21054d36d050fc276c8709
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dd09c80d743e5c5e9bd8ab6ceed8f1a48d40e914681043e0cacd30f584ec1df
70bf692e0c5e4895f38852bacda3c81c52e85f0655e6fd004b1f5a76bb89dd0e
70d89accbde6aa4a19cf84a6b4dc3ac8bf681919402ebc0fea8ca9f3950e744f
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
7165e1b780f7e3f7da7a2404aa85d81e01950cb5fb40b604873785624fe2379c
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73cebcd1f01c0af24cf0b3dfdc4989de4feed5f04fc5d399f6096d5194201400
740ffa5ffc4ed6a504bcc5f6f9fe5bcd3af393bf1a3d621944bac18722075553
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
7756d206dc3ead613edcff96d9a65e380e24c1dd9c973425762d0628bfc3faaf
77c88679ccd0e7ad85e6d08bef7c30d5d29beb85558d7069c7f292218169ee95
7d676ba25f25bf00b2c640eb8db188103719675eaf32ec37a36931762a39ac00
7d9c576df3f052533a576f70e2dc96d7e2d4c531aa9b0c744debb2905b449978
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
8031a6c0961c64b7850ea0e16c7796f497c59d17549e0d344f1c761f40fc7901
81442e6c23e46451d5031a7044fa9cb67b6009dde837c7591e3e052b38299123
815ff5873860156c9bc36d61bbca9442a9a7fac954f99bbca0815ce137408362
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830bd3a65c5fa4dc529188918c4a616169f852392de329eb2f2ad97d8260e15b
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86f990ecc6f910b3c0fad186ee3b59f1a62760a1d2602a23cc687dc25fe5c4bd
891623026676b69428e5c164ffb30db9031c6f37496b37a94e1b6a9e9718c054
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8c3e4212ee9220a27adbeba6bc1ee1af2d56a31526ae4b88ba835b4ef1fece10
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8f87f61acb42d66fd796022d01078051089ba84090cdcdef8394099e2749c35f
8fe8f524ceb9fd63bbe6b3c1aa9d05c0c709b0f523a7a288c05e686da549d499
9072e23185fc321b7686ab6eef3ec49d6cbc088102bd320050c886a1160688c7
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94dbd185aea4c93bcfd6037b0f6eda7bb7fc1dbb633ecc723193c7f51e7bf840
9597416f5c3f7d86e624826db697705d7db39b22e19b19cf2ee15a29d5b69401
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7
97b2bcaf3eb778e01a8624052fa2b837c14fa872cc10b30eaae9d967f315d2d2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af8a29c37a486fd0cff8de977b2129449daa74a24408268d8c57fc929ad113d
9b7b84c4056c9e0bca51d528ac9d64e0fbd34efd7de4b9f003fa6157de9d300e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0959a3ef0c2403f6026292415a5ecd2f9eabf8d11ff040609eb8c5d88734810
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b4a374a869f6f1eb6ebc94f5c7990f061908367fd6ba886e49e4ca2b5bbc43
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aa88875d5f2978f315dd728eca2dc2f1590d238f7b95c6c462237b7b36e34714
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b681a6ea36b6f48b933abac49e4179b99d27432e077a71f2490ec03bfce50a77
b964062fc8555da54b12b17ab64255ce69492054baeeeb8d72a6d8eb77f50780
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb838be53e8ff5dcda24c1d497e6fd775cef21061407443ae3485ff9fb122147
bc37aa2c8d068f29f940e74240cda654beb3bd14be88b70bf0ba891ceab3b76e
bee0a78912f0d29818f02dd83a58edb8e48c3e8f51212225c7b47530f3bec208
bfa2161c14f3c7ce96e241c5c94b2aface7d798d74652d1d95dae7f8225dce6f
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c0e5c7c417a89afb60e547ba7eb92e0f07894636ba97355ad61d5559e081e7e6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c448f62438d6bcb5cf41b244bb9064705171680c836d8e0dbbe4ccdd965d76a9
c49059b3a9527be204f905008679875a336cc6900cc202200c9dbf384a3b93ad
c804096e699cf6e252622ece238e1d7249dd3feab8a85157af6901a593863da5
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cbcdb4c75801db2fc6e6686038fd68c3512f262c3e256ef1df50978975a699e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1555f710e3e03e1b2a96c77e01a8d363d3d2617884e6a42f2dd7211c1b4dc07
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
dc13d656d3dc1ca95c55c42d609c29c8bf6bf2cd439687471542f5f639abf4a2
ddeadaba89d6948bea2ed014428639effa349263d434d0a881d5a11faaa162a1
df51e9d66f6bbab45e034312d2ff4234a97120089317df52a14c71271bcb6da5
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0d4c0f954d12e3f48a2aec627e29b4d077b05442730c783f37a642dfb1849cf
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4dac7f7d8fb8b32430c5da6fa8ff20ba0623088207c0e6026353eaac9eb1fee
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
eb7849fb8f270fb2aa552964f91861bb8074315681567af89fdb76b45dd0df3a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f483654d82a51341507becf99599d4e93c33f60a35154c1ae4c5a402d4ff02af
f4e7a93b6983a24369a1f1f35d51810941e3019d20da3788cf7e671b1b410cc5
f7062c98fda4d3b0023264ee0eeb56825e6ad1154ca6f7c399b1219ba65cc82e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f953ee4acc5761d6d82c5fa349afcc8ac2504508f605fc145828e55207514105
fb2a105fede5295b783c3e6b82b27fae666d35df69fe6a7938e9294fe9b0785b
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e