urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Submission: On October 21 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 10 countries across 109 domains to perform 514 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 643495.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
2 69.16.175.42 20446 (STACKPATH...)
21 172.67.72.16 13335 (CLOUDFLAR...)
54 74.125.24.154 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
20 69 142.250.4.155 15169 (GOOGLE)
2 142.251.10.97 15169 (GOOGLE)
3 74.125.24.113 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
11 142.251.10.154 15169 (GOOGLE)
5 172.217.194.132 15169 (GOOGLE)
4 7 103.229.10.211 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 7 104.18.19.126 13335 (CLOUDFLAR...)
3 51.79.234.101 16276 (OVH)
13 54.73.238.20 16509 (AMAZON-02)
3 54.249.121.116 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 54.203.144.13 16509 (AMAZON-02)
1 35.213.117.18 15169 (GOOGLE)
11 16 104.254.151.120 29990 (ASN-APPNEX)
1 52.77.151.123 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
3 7 145.40.89.200 54825 (PACKET)
2 12 35.244.159.8 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
1 23.195.153.54 16625 (AKAMAI-AS)
28 142.250.4.132 15169 (GOOGLE)
1 172.253.118.94 15169 (GOOGLE)
8 74.125.24.99 15169 (GOOGLE)
5 172.253.118.155 15169 (GOOGLE)
6 19 139.5.84.243 27381 (CASALE-MEDIA)
1 13.227.254.36 16509 (AMAZON-02)
24 74.125.200.148 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
4 4 89.207.22.73 399104 (CNVR-APAC)
1 1 18.177.254.176 16509 (AMAZON-02)
2 3 34.96.105.8 396982 (GOOGLE-CL...)
16 16 35.213.12.39 15169 (GOOGLE)
6 6 35.227.202.26 15169 (GOOGLE)
3 3 107.178.244.193 15169 (GOOGLE)
2 2 13.224.250.18 16509 (AMAZON-02)
2 3 23.36.252.26 16625 (AKAMAI-AS)
2 4 23.106.127.165 59253 (LEASEWEB-...)
5 7 50.116.239.135 6336 (TURN-US-ASN)
3 4 13.107.42.14 8068 (MICROSOFT...)
2 5 103.231.98.196 62713 (AS-PUBMATIC)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 13.230.2.255 16509 (AMAZON-02)
7 7 52.74.162.2 16509 (AMAZON-02)
4 10 151.101.2.49 54113 (FASTLY)
1 151.101.1.108 54113 (FASTLY)
3 7 104.254.148.251 29990 (ASN-APPNEX)
2 117.18.232.64 15133 (EDGECAST)
1 142.250.4.95 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
5 5 18.142.141.82 16509 (AMAZON-02)
7 7 103.229.205.242 30419 (MEDIAMATH...)
3 3 35.230.38.116 396982 (GOOGLE-CL...)
11 12 3.33.220.150 16509 (AMAZON-02)
10 10 64.202.112.159 22075 (AS-OUTBRAIN)
13 182.161.73.129 55569 (CRITEO-AS...)
8 3.0.26.188 16509 (AMAZON-02)
1 3 18.139.5.162 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
3 3 34.237.81.207 14618 (AMAZON-AES)
2 3 213.180.193.90 208722 (GLOBAL_DC)
1 172.217.194.94 15169 (GOOGLE)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.25.14 13335 (CLOUDFLAR...)
6 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 23.44.0.183 16625 (AKAMAI-AS)
3 10 35.71.178.8 16509 (AMAZON-02)
2 104.18.13.76 13335 (CLOUDFLAR...)
1 52.222.158.43 16509 (AMAZON-02)
3 11 23.9.185.218 16625 (AKAMAI-AS)
12 23.195.152.23 16625 (AKAMAI-AS)
2 3 209.191.163.210 ()
10 13 69.173.158.64 26667 (RUBICONPR...)
2 2 124.146.215.44 2514 (INFOSPHER...)
2 2 13.227.254.129 16509 (AMAZON-02)
1 2 104.18.100.194 ()
2 2 35.213.93.179 ()
3 6 52.74.172.143 16509 (AMAZON-02)
5 9 52.46.143.56 ()
1 13.107.21.200 8068 (MICROSOFT...)
3 3 23.73.13.201 ()
2 2 13.115.138.242 ()
1 2 54.148.107.193 ()
2 2 198.8.71.131 ()
5 23.44.0.196 16625 (AKAMAI-AS)
13 14 74.118.186.44 26120 (RHYTHMONE)
2 182.161.73.146 55569 (CRITEO-AS...)
1 2 47.252.78.131 ()
2 2 35.156.131.180 ()
2 34.236.45.231 ()
1 52.193.151.12 ()
1 2 138.197.50.103 ()
2 2 209.191.163.208 ()
1 1 72.34.250.75 ()
1 1 54.225.103.119 ()
1 37.157.6.253 ()
2 3 54.239.38.253 ()
1 1 175.41.189.179 ()
2 35.214.174.31 ()
1 1 34.111.151.213 ()
3 4 185.84.60.21 ()
19 67.199.150.86 ()
1 1 18.138.18.111 ()
1 202.131.200.84 ()
1 1 103.3.63.48 ()
1 18.182.122.24 ()
2 2 3.1.14.27 ()
1 19 54.238.120.71 ()
1 2 151.101.129.44 ()
1 2 104.18.24.173 ()
1 195.5.165.20 ()
2 3 35.190.60.146 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
2 103.231.98.195 ()
2 2 51.68.39.188 ()
1 1 34.102.253.54 ()
1 35.79.63.55 ()
3 4 38.133.127.127 ()
1 1 54.164.39.11 ()
1 193.122.128.135 ()
1 169.197.150.7 ()
2 2 13.251.241.69 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 1 69.173.151.100 ()
514 103
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
21    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
54    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
69    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
3    74.125.24.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f113.1e100.net
www.google-analytics.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
11    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com.au
adservice.google.com
5    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com
aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
7    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.85.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
3    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
13    54.73.238.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    54.249.121.116 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    54.203.144.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-144-13.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
16    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    52.77.151.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-151-123.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
28    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
1    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
d-535395998747397289.ampproject.net
8    74.125.24.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f99.1e100.net
www.google.com
5    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
www.googletagservices.com
19    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    13.227.254.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-36.sin52.r.cloudfront.net
rules.quantcount.com
24    74.125.200.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f148.1e100.net
s0.2mdn.net
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
4    89.207.22.73 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-usadmm-ds.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    18.177.254.176 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-254-176.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
3    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
16    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
3    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    13.224.250.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-18.sin52.r.cloudfront.net
aa.agkn.com
3    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
cs.media.net
4    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
7    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    13.230.2.255 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-2-255.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
7    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
10    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
displayf-tm.everesttech.net
statsf-tm.everesttech.net
rtd-tm.everesttech.net
sync-tm.everesttech.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
7    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
lax1-ib.adnxs.com
secure.adnxs.com
2    117.18.232.64 (Australia)

ASN15133 (EDGECAST, US)
playtime.tubemogul.com
1    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
5    18.142.141.82 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-141-82.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
7    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
10    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
13    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
8    3.0.26.188 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
s.acexedge.com
3    18.139.5.162 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-5-162.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    34.237.81.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-81-207.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    213.180.193.90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: bs.yandex.ru
an.yandex.ru
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.44.0.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
10    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    52.222.158.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-43.cdg52.r.cloudfront.net
public.servenobid.com
11    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
12    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    209.191.163.210 (None, )

ASN- ()
ap.lijit.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.227.254.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-129.sin52.r.cloudfront.net
cr-p3.ladsp.com
2    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
2    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
6    52.74.172.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-172-143.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
9    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    23.73.13.201 (None, )

ASN- ()
stags.bluekai.com
2    13.115.138.242 (None, )

ASN- ()
match.prod.bidr.io
2    54.148.107.193 (None, )

ASN- ()
dpm.demdex.net
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
5    23.44.0.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    47.252.78.131 (None, )

ASN- ()
event.clientgear.com
2    35.156.131.180 (None, )

ASN- ()
rtb.mfadsrvr.com
2    34.236.45.231 (None, )

ASN- ()
cs.emxdgt.com
1    52.193.151.12 (None, )

ASN- ()
g2.gumgum.com
2    138.197.50.103 (None, )

ASN- ()
x.yieldlift.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
1    54.225.103.119 (None, )

ASN- ()
ssp.disqus.com
1    37.157.6.253 (None, )

ASN- ()
cm.adform.net
3    54.239.38.253 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    175.41.189.179 (None, )

ASN- ()
match.sharethrough.com
2    35.214.174.31 (None, )

ASN- ()
csync.loopme.me
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
4    185.84.60.21 (None, )

ASN- ()
c1.adform.net
19    67.199.150.86 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    103.3.63.48 (None, )

ASN- ()
gocm.c.appier.net
1    18.182.122.24 (None, )

ASN- ()
dps.jp.cinarra.com
2    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
19    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
2    151.101.129.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
3    35.190.60.146 (None, )

ASN- ()
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
2    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    35.79.63.55 (None, )

ASN- ()
rtb.gumgum.com
4    38.133.127.127 (None, )

ASN- ()
sync.outbrain.com
1    54.164.39.11 (None, )

ASN- ()
sync.ipredictive.com
1    193.122.128.135 (None, )

ASN- ()
sync.technoratimedia.com
1    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
2    13.251.241.69 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
80 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
603 KB
74 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com
aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
683 KB
31 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 671
ads.pubmatic.com — Cisco Umbrella Rank: 495
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com Failed
54 KB
29 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
53 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum.casalemedia.com
19 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
cdn.adnxs.com — Cisco Umbrella Rank: 1320
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2185
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com
80 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
724 KB
22 bg3.co
www.bg3.co — Cisco Umbrella Rank: 643495
static.bg3.co
169 KB
21 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
7 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.as.criteo.net — Cisco Umbrella Rank: 16753
csm.as.criteo.net — Cisco Umbrella Rank: 17352
231 KB
17 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net — Cisco Umbrella Rank: 303
8 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net — Cisco Umbrella Rank: 1392
contextual.media.net — Cisco Umbrella Rank: 570
20 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com — Cisco Umbrella Rank: 3473
9 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
4 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15799
e3.adpushup.com — Cisco Umbrella Rank: 17189
aplogger.adpushup.com — Cisco Umbrella Rank: 16696
217 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
6 KB
12 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
8 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
7 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13910
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
jp-u.openx.net — Cisco Umbrella Rank: 10520
3 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
5 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
6 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
6 KB
10 everesttech.net
displayf-tm.everesttech.net — Cisco Umbrella Rank: 5739
statsf-tm.everesttech.net — Cisco Umbrella Rank: 4851
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2552
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
6 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
217 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22845
ads.as.criteo.com — Cisco Umbrella Rank: 17079
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17724
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com — Cisco Umbrella Rank: 679
50 KB
8 acexedge.com
s.acexedge.com — Cisco Umbrella Rank: 7683
55 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
r.turn.com — Cisco Umbrella Rank: 3362
3 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
3 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com — Cisco Umbrella Rank: 729
12 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 987
869 B
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28151
sync.aralego.com — Cisco Umbrella Rank: 2910
4 KB
5 adform.net
cm.adform.net
c1.adform.net
2 KB
5 lijit.com
ap.lijit.com
ce.lijit.com
3 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
233 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109731
1 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
1 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
rtb-csync.smartadserver.com
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
pubmatic-match.dotomi.com
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8566
45 KB
3 rlcdn.com
idsync.rlcdn.com
571 B
3 bluekai.com
stags.bluekai.com
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2202
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 456
646 B
3 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2392
195 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
519 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
624 B
2 nrich.ai
dsp.nrich.ai
1 KB
2 pippio.com
pippio.com
718 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
561 B
2 adgrx.com
cm.adgrx.com
1 KB
2 loopme.me
csync.loopme.me
40 B
2 yieldlift.com
x.yieldlift.com
465 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 clientgear.com
event.clientgear.com
418 B
2 rfihub.com
p.rfihub.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 sportradarserving.com
a.sportradarserving.com
968 B
2 adsymptotic.com
p.adsymptotic.com
477 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24354
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
2 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 19902
665 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
42 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 6214
11 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 474
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
1008 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15630
10 KB
1 contextweb.com
bh.contextweb.com
664 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 playground.xyz
ads.playground.xyz
463 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 iprom.net
core.iprom.net
282 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 appier.net
gocm.c.appier.net
395 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ambientdsp.com
cm.ambientdsp.com
650 B
1 brand-display.com
dmp.brand-display.com
349 B
1 sharethrough.com
match.sharethrough.com
254 B
1 disqus.com
ssp.disqus.com
471 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
668 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16094
566 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
595 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 129072
358 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
632 B
1 ampproject.net
d-535395998747397289.ampproject.net
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
520 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187
517 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
1 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
514 109
Domain Requested by
55 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
www.bg3.co
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
41 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
www.googletagservices.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
24 s0.2mdn.net www.bg3.co
s0.2mdn.net
21 static.bg3.co www.bg3.co
19 usersync.gumgum.com 1 redirects ads.pubmatic.com
g2.gumgum.com
eus.rubiconproject.com
18 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
16 x.bidswitch.net 16 redirects
16 ib.adnxs.com 11 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
14 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
www.googletagservices.com
13 simage2.pubmatic.com ads.pubmatic.com
13 static.criteo.net cdn.adpushup.com
ads.as.criteo.com
static.criteo.net
www.bg3.co
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
12 contextual.media.net cdn.adpushup.com
contextual.media.net
public.servenobid.com
ads.pubmatic.com
eus.rubiconproject.com
12 match.adsrvr.org 11 redirects cdn.adpushup.com
public.servenobid.com
10 sync.1rx.io 10 redirects
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 b1sync.zemanta.com 10 redirects
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 s.amazon-adsystem.com 5 redirects eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
9 pixel.rubiconproject.com 6 redirects www.bg3.co
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 s.acexedge.com playtime.tubemogul.com
s.acexedge.com
8 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
7 sync.mathtag.com 7 redirects
7 ups.analytics.yahoo.com 7 redirects
7 prebid.a-mo.net 3 redirects cdn.adpushup.com
www.bg3.co
public.servenobid.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
cdn.ampproject.org
7 e3.adpushup.com www.bg3.co
6 image2.pubmatic.com ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 pix.as.criteo.net ads.as.criteo.com
6 odr.mookie1.com 6 redirects
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
cdn.ampproject.org
5 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
5 us-u.openx.net 2 redirects u.openx.net
5 pm.w55c.net 5 redirects
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 ad.turn.com 5 redirects
5 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
5 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 sync.targeting.unrulymedia.com 3 redirects g2.gumgum.com
4 statsf-tm.everesttech.net www.bg3.co
4 lax1-ib.adnxs.com cdn.adpushup.com
www.bg3.co
cdn.adnxs.com
4 googleads4.g.doubleclick.net www.bg3.co
4 px.ads.linkedin.com 3 redirects www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 cms.quantserve.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 stags.bluekai.com 3 redirects
3 ap.lijit.com 2 redirects www.bg3.co
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 an.yandex.ru 2 redirects www.bg3.co
3 sync.srv.stackadapt.com 3 redirects
3 sync.crwdcntrl.net 1 redirects www.bg3.co
public.servenobid.com
ads.pubmatic.com
3 um.simpli.fi 3 redirects ads.pubmatic.com
3 pixel.quantserve.com 1 redirects www.bg3.co
3 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 cs.media.net 2 redirects contextual.media.net
3 pixel.tapad.com 3 redirects ads.pubmatic.com
3 tr.blismedia.com 2 redirects googleads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 dsp.nrich.ai 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 cm.adgrx.com 2 redirects
2 csync.loopme.me ssbsync.smartadserver.com
ads.pubmatic.com
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 event.clientgear.com 1 redirects contextual.media.net
2 dis.criteo.com contextual.media.net
ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 csm.as.criteo.net ads.as.criteo.com
2 ipac.ctnsnet.com 2 redirects
2 rtd-tm.everesttech.net 1 redirects www.bg3.co
2 playtime.tubemogul.com displayf-tm.everesttech.net
playtime.tubemogul.com
2 r.turn.com www.bg3.co
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
2 aa.agkn.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 rtb-csync.smartadserver.com ssbsync.smartadserver.com
1 match.sharethrough.com 1 redirects
1 cm.adform.net public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 fonts.gstatic.com fonts.googleapis.com
1 ads.as.criteo.com 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 www.gstatic.com 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
1 fonts.googleapis.com 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
1 cdn.adnxs.com cdn.adpushup.com
1 displayf-tm.everesttech.net cdn.adpushup.com
1 ds.uncn.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 d-535395998747397289.ampproject.net cdn.ampproject.org
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ssbsync.smartadserver.com
public.servenobid.com
ads.pubmatic.com
0 cs.chocolateplatform.com Failed googleads.g.doubleclick.net
ssbsync.smartadserver.com
514 172

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.tubemogul.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
acexedge.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh

This page contains 93 frames:

Primary Page: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Frame ID: ABBC7A9F62AF9CF0C179F73BE53D1074
Requests: 103 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7ACF7BC8313FF202BA4B5589229E3AEC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FC565EF73617C46811589082348F5127
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 93E9CD75DCC23A4039B9B1B29D340DBE
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8F2037A9A06A68AE4271B9BCF981560E
Requests: 9 HTTP requests in this frame

Frame: https://4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9E6DE54E867C9333E2978911D9CAA8E6
Requests: 1 HTTP requests in this frame

Frame: https://aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DBCC5B6AC6748578BCBC34EFB8F7DA26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Frame ID: 13E59B3F183CAE02CF54374BC655D37C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Frame ID: E164B643B97C52EF907862F8850C1BE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Frame ID: 683FC448897E5E27A2129443A811F81B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOTubWldF59j4kWg-91lp8lIcbJru1yPC8XVIXqtL8-2i89_Trory6krrmRDgtpTqJzx3d3oyxJjTgmeNTJHoCLbV7pw&cry=1&dbm_d=AKAmf-CSk28B_SG76bCDTUu6Gs6CImtq6kVR0I1ASW_OpAQ6PuIB7LMt6zoAl82BLXhiIwk9sO-cwKRJozOeT6986FZuJ16lzfIpQ6bG4Wj2Rvr5b3DA3G7B-YQNgFe8dfhlyhZVSGfrYxsvDQ7ok7yc9xPFVKwHJIOQFZRpLq5UMn6X_sDh5WaI0P_-NSIPqutM7uphrOn3Rx_JOHGxKQkjP6Remi2SLCPfhXb-HwGHO2zUJ3WyQY5MgldodB9cMF19lG4OW9isgQaK5XEEORpOucI9vsLsGp21VcjF3SVs6fcsIk2bx7dDsNC1ShY1fieTZd_eHtDkB6tai0__OUla7KU-Dq95O90j3Ug8UqSxd6wHAmRspnKcTSh7shpaFQU2UlDrkWHwHgZy6_XD2EjRfZJDhtfJzlcl6ekJT0B8gcZHt_aUEfilKXNxZjJPO4W3q5IxZRw4DhEKnm8Br-vzah7Dy_cuWMdh1ozxx6sJREs1EcpiVRv6g3k57PNM2BKQy5De1-BipIgOs5bcpVpL7nTQRkIkuBxBbH1vvVWvBmZI5t7JAoreLYK-5bzUVKOZ8HCxYnWUi9dndAkBoCk58JYwUi_0Szp1hB_AxoH4x6rLMBDLMPHLd5IeNQOMHXN1gtMdc3cY9IV6cvSkuAoD9VZ9kUAbkvvZ1c-TswRzFGEawwNG5dl5CqwSrny5uCY4a8OfBIIAzjd0CFHxvvb08ze34ooqLxCM1Qh3k1Re7i6aCucrMaxPumrvs7UGbWIT5pP86xVrQJuYX4U_Oh4ZrqmwTJWPHFAlvH_D0d5McvmnDQgwnsUAyNX_3B8M_enQWxDR8ciUTx3OE-WKMcgt857ZSszKknLNaBs8XaCMtD_lSocagKcGj-Xgbc3sLx1XERAC5coho6jzWN5-8IlLqcKz59ntQP4I30QR5zFwyN_b_YaR1wNSO_KVY6sLrIfzV1CFSRUegwla38aeUANZtW7uASsr8UwWF1rCT0mRwt9maCRJFtdvbsTJZSBGI3hOWje1GAqE99dkUsWcE_7XvUkO5oY_S1nCzB7wBz5PR-NDTIKG5X5ixBS6rsTqcVR4gT6bBeGX8kCsm5EKbrpY6MJdkYCjgc8ZOLkEK6v1vULJnY1PpX1pnJPlGty5hBVojtxTjFvbe537k0dkR0To4fm4FqafjG2GyUdENyPAwy1buGn3hBw8wzBoamsUC6d1tuMNCzXlqJ2YyNrukeuCgbbaJ4-iRTKD4D6mD_syaLmVrE5eJp5GbVltwzA66yIOREhP77RNGVufKca2a0hovBFHaqdHbNMObnMi65PEMt0qTqp1rnqGlXBfwv4BBgW7kdrf4mu0OA00FNALXgrmQ_eciKlQCUpkWn7M1gY-8-8ynU6ObQGtc7wA_p_LxM55TqJ0_a0oL83sdlDgURcmslSEQPKPOoe24azbPCD-loFmVB2vZLhFJKaf5jP2CBr45P7BOLOawEmFqEcM9LQ77ZfbcEW0RtoKI8C2mPxr4po2pMM3kRzy3SNLBfIEJInsC4YHkVCktk9kpePIbjGLqfnMYzgMmNO6WzFD7bqz1XZrjwqwBulQ6otpqvWEO2yrnsuMS87ct3a66NoAvlKA0JwNJKFRuY_Yp8-SQiTICdcxC1XLhyd00bJjFUeOyFC_vxfiK5EHFWkrW1_xfV03f5iY9W1eQOWhKYmNFF6xwvjZN5wCHZQsT3sQSRGRq5FXXimF7p1LFTpAzSVRi7uXcQgAsvbAVmhbo_TXci5XroB0NZv-DU3_TWHA949vLMc-afurUyx-Ypi2pp4FysmXJnIw6eqsV0VT7diMYFQTEslyq_aVpvcC_wy85p3773pFUpS0vAjKfEpLkRkUNPCbd2jZbPIWM2h9m-2_1akGFxI2UbYI676GKlibDUaKEu-VZl5-AblgmVI7LaxHFHhCok7rHj-aM06DarSh-88tnIxqD8h1tOQvo_F9gXzD_oF1C42zZu65Mw0c1lURF8-6bHjkj30AmzUXD2qmKOmJj02DU2gKHyRHC6mU95bpH037KztQCuLAtmGQhZ5VqkQkXn0XZMMgc2Fma8rxy9KxSLzgXXH7sijrWYpvzV64x6HeolhTlm_7hEhsN5Uh0WKjVvCfNzxV9YMhTESHU97u970LUMhkyIVZsrbhJmX6z26iDXfv-r2wuP9xRSdjqzi_GEzKFF5dSl6XRZlKC-rt7R_Mv-TyzVE7MbMxdZuwB5pXdYQdLHF1tM-eQ75nLX3P1iXK8XMkcBWQ-FhubsHftJ-jlCwsK-xXZiLYcu6dXklumvF22d9UiwB9WakfcLWgujdTRYwlkiOBO7R89mN4rw7ZTW8t0_w2VXz1aVDK65xvsUvzRC7Ua7NK52T5O0_mA1nWfZqtRf99qE18CqDI74ALi5S3pppRKxFqHs6EMssOMZBoxEOegYJXctwnTpHRprA2artAIJJTBfXLZp6pHF1YHL1pgZKbDVK1rhID3e5ZlkquHgSHuS0PMhgKKETo7hcQgNJyZoG3Nu1KvWDWv8YM3Ghsr2B-B4U4M_BeNkL-V-O-Fmw9fhqZRQRNmhYS834Tt62CLU5oc20fgNyhIynRyByawZLsu5a-IPldPfAh9BHS6IY6fACaI1QBzh_meewkitA-6JnswQP-nw3WX7O2h_NrkVJ6VOhSG_c5aUfq3HMB8PeTTZ5aPDR6gu582E57FCzkmb7qtR1UaqRiY9pdsyJxpLihVQLYjbv4CrmBx7iqUNeLwQbFjC4jwKrgbv8NrwYiRozAtev2npuTbEVhWnNXr5EemxlPKFU88hVXNJgnaHHfQcYiUmTQLCp_o2HZlnb9H-sfYQG06FG5kxMrCLaYF6yvh7GWciV_lINwxS2cvGkRoGErM4mQboPMbZb9950fY_6GBYAu8ezXjPCHqL9GQJRZTdfg0HcEcHj6Ch_OjEuRxjG0oIgssrbwdIMyJS3mRTt_SblN8ZWvJmA0Wb1ptmAueJbOM25Ry1NKsIUod89awTHUMapofFLEn_yaatRacMPDyxgKpBekXAt1pGdIiXE4woDUe-xJ_Tz5baYs5qwy2Lg-PGPMEdUMnlyikU4ItxvyVenw8oZhH3JTMwjjgEwzhnGhacNnAKvGXufTrjVP1rB8-klPMG9p6nL7RvJz4WhT1R2u72bCZmwAKvMTw_1qewGZEWb_VH76vIvKvNvHFBO08El8rit2GTOhJHHl_T5_MowonDPufm9cgriBALctHAFWbODbzPYaUCaMWNfOKvEb2K2-RBLCFHoYOjbI09SobBY69-tvO-6xptU1mfW2WU7h70Wn8QXvIoibErEQft4hyxABuCisxQy96ZZe2C2xXQc-VQsGZgnfWWo34f3AVggDMutSkBcOYx6FuNSo&cid=CAQSKQDq26N9Yryw3u6k7d6zKVODAB7Gb4q0IEhg5TCouksPzkqHV9JuybV9GAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Frame ID: C9E659B96DCCA9032AF3F3CF20F1543C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Frame ID: AA0B190EDB1A16D91598D8E421ECF20E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvkoPcYkS5w05f50iVQ3KGyq02W6jO7H4oSGh8LsoPHEVooAx35Jqb-cqQd0Bq5AlJM4mzM7oF0aT44ftu84M7oouRfA&cry=1&dbm_d=AKAmf-Ali6hW9Lt5mEOkfwSBg9TOHh5y7-uqgyjCFCrEojMFWwHr-c6uLJvgu_-iZiMStFnxQQv7e9wdHX1Ot6RdBxlkpMj7tipn1V-KvvT9BvxvTOH_E1pA_gyUUin7xGc8m8mA_VmuggMY6U-9Uuw1DL2eqCIdcCYjn_aCXrQ2TFQxw2PWXhePHYywra60u-B2-FAkQSqF9lRdRQF1oSBFiviy4zfLfiPYtuPQpNuWA6Q_FgpBxw-m0rYI_Qvjy_XG7FwJDGVZxgrS2EmX_p-RYeOtbM-V8_20Yo3iUw4MKjj7mcF-Zr8OnrSZYkJddsju68_xbNlYCwEVcMSiUKydqjeB7Sr935AK_9426srBUYAH7W0kqi2vBiQf5HaQ_zqNAC7EKQCCa4zq6T7IcBG4ShDuV7urlAOJk1KJnQ4txU_IvUS8NOJ9yALpjfA-dDyTfrPb_diPoAHCLd-HqL4V-16c8uS8AFEFXR9paAJMvwCnddZ_pnsCIJTmtOQQ20bvjGDLEE1Fdfdab2Z5Z-Au61cQZCmtJUT0sOJJF88UjajpXBgZtMk3t2DpyNeAiYa8Hl3-Pb6xskro59-3xTe_SN0zFxTByjNVxNRhctM5R7YywwjMrpNQkn0rR4eQ1_2CQKK6Yyav-Y4hxQqc_kH9BCT4CeOVIS9Ku_hrpYFHx_7W_HxRhEXQTOrU_GiS2dUuVkmfVQjZBJZpJdviCGDq2LvMOPC_n1H6H-E1JW8CA-rVPw3njo-0NmX28cmlc95zaDATxuYKfRTPrAqMcoWQUMG2FesWX8dCXOPR8AmClXUXmXPd9IEjPbs49OkfvDEtsAg34lvf5k2ATwzluQjONE7OAylr9dcYcL9kGIAWfrRtU3KjMgLABkRBTNSron8TtAu1a49l2y_Lnd4S6-0QHpabnk2wg3ROx6sjvpgpjjHN52D_vuqj9mJ1tiiLONEBrpcpDhjL2E-qqgLC90Pdk-RGBCG6ruqyafYYduO39SmT0olA01ICT0bF3HZFg4pSDb0fTifSrrE1hhuL7rp-FfZkLUd2QBJAckq_wdrnswIKs83MZ70Np82NIEpexPPdZRFne0aCOKnWRwazzHYdJy8-INQqOXLKa-vBNugKy1TEizFuzEOud4Vx5bKftLrhZOe2XjlCYweqYSUtmWrcck02___Zen-cfcfPDpJPYOPgxPNwOuMDnJbyvIw7gg3Ge4MbyeISu4U-TlsBAW92mnl365ZN268uqtKMR2UIoK8ntuZo7iK_IvJ2EqGVQvYPq699Pc2_jJpdpccPiGhRO000aJT2Xd3zJ-qqILy2_igRBKXF0OILYPOhaNRGqQDtYOBgs2JFWA9iDbue5C-_lrr1fwxmyhs1wxFHhWHrKVzuWKWrHsLeuA_46E-Yut2It_4h4rQBT22zpLs9KusjSadnfRkvaCCkvgYR2RRXUUGojdHYz1WDf0_zH44MJicFB5_e3Ka9yAEKCMgHeOyBUXxF7rm3hg1a9QQUX1X8-rsY_RDHBO5VfVy3PcjDu0eKsXIuKEv3B1Gyj-9C6HPhQzwSRX_jOelxp3Dh75x6vjbxdFwDy_h_h-annNdRjwDqgBx68RqG72puv94zYRv4JOdi17GTTy7PADqiz4OdSLQC_9lqqSNNeqb0-bNclH197sTKbbWUdPKY-Vbk1dPrdchc7GUNr5VpqlqZ4c_7IpwGapGRv1N5FfouloPDNQG0v5Yey1_pkvWo_27_LO0Hue79evvEJoLAnts1LdES7G-qV_OX21BcH1tGaYaqiiEZKVyM3j4OshdL8dlaWbQu_fQmvDK7i58gXyk_6-dVw-4KyzGf3x2kAZ20LKnhvqF5N7Vm5COoJ-T53ZUqxsH8ec5Coa0qdJlxLYM63x9RxepG3J1n5OzCb4niXNJsORPuPLXK4oDrUIBfwcGTIWJhpygpReSHqNbFImFvgOixlZCT2XwuJvEi54WXKVx65Ij0bMXO8YeSw2tvHZIuWerLcvkxGcx8IR0QCj1U8cwBwusyCIEYAztWNuetPs7R4yDPgKPwdAu7TFuLn3LkygUL4cgv_aLFK9PBHcJRpgrwTE9Lb_N7MQMlUWFdckYxigBabUPr9CDl4h1UeQTc0p7SO_1ypncF-WjRDsxc9lJ_1Y8EVOFwyVNtTKowdqqp2-ftSrZUJqwG5EwwtwXmYk6f3WHz8JuPjNT7g-KMPl-nUnXUHaEIvGGQEBEZuhaeBtcSt5WN0qplZLygYSdT3di-xeC6hziIvhbBu1yfwlZW6JvNl3VGDiyCOiMCYFAvJLSSgER6dV6GrDtYYWaAmpsc8CMEdIVxWFTo0Yi_ofD_YVXnYjfqLMW31tSmw1RRdWLaaEQwuC6hei7KW2oe64R6Npy_v_oBgPsyVR_ksnnXgCQCg8NUjroPSKKDQs9oxQMqUXoUqFlyVI_OMaUwj0nEpAmvOUUWOXRDhlMBvvAa-POUw-q5LSpb0xulHcw8Iw_hWtMGHVHiMJdG5gSnceGRFdhV_oV0W2O7048z4shjq9ocZwWhs1PA41YBKBDAQy4oCiS01Agaoe-J_fiYodqtpGH0wKfQkH3cKjzC_RDBIZPS6mm9MbEiDNjdO-ZiQVk685ETWXW0axCSl9WtHBcli3nYRbpgpeATS00bx1x4MN9OgVnahYS6KymyDKAABHuEQl-MNP2G2AOt3MILDOcWIU0oZtDHfbh2qJMqPXK7wIpwxjvGhWx93e_0Pux7o65WeGFbDxJ0Kik0Olgdz-P-WUudGrPTbdWAVwfMbUSdzGHDDsm1SpNlXx9deAsr71cBl2x5TP_Tx6U7bFYhiRHboAJjzMRXwJhnX-I78JYFuV850fk_W4z1NImsZZkwHMv235fU7_RSgh5fb-CzO2_agrKC7zUt1nQ61ERFrt-TmleDVw8Ysz0PBAzZDWnGNefNnM0o2kjf_mIHURlc2lOSJPpn4oDChwvSRbCaslBHOvoh_YktpCt7Qi_1c493BwtZWoyjv55cICfY6u99yfzCDe7aSP96Xuyj3mWGHYwJ_mUDR0I_pwLms2HBT8CZPNJ4uh6delNix3o7vLnavttthBmNUny2AylBYieimv_R64j-CTrUZK1Ye--cutFNPuuhet23kC3EUhTGZewblcCTnzmRrkHMDur73-kzkNnRXHjgu7apKBCY60BKd0Fll6VFwxbD9Jg8qYGQvjEUxL6uPRqON6xOQfVhqzwsKXp9W9Wz_ntzq9OQQpFWynDFCLyGLsoQIjP_UqevbrUfHXZh8tmujwP99Sed_wfAY_9IEOUSPqYM0HCs-DnKr-uym25jG9xVUJwlrGUS2gqE8r1oWdMhH8v2UePyvguQlQC1YCCWo0iX9bhfxQcRzZ-JxtjsMd_XziXe5HKdQfscUWXORkm03lWX3w&cid=CAQSKQDq26N9NDRoRAxuNtaQp_9GhKXc-OO7oiDY2x4xDzLHGupY14wHRJ3CGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Frame ID: 4A4850541D255C1D401861F56699368C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3531927353485263444&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3129&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=8007105&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&ga_hid=7105&dt=1666380925943&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&bdt=5494&dtd=364&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 1B062CC338580A5F7A927EA70736DA15
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3088D50BCE7F6D599B849D16AF8F8EF3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57D019288FE0D0681905C7EFD0091847
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9E1E466A4403A7EBFAFED6A2E5FFCCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C38DED2DA6401CA8825518FA169B8AC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B1B9D3541A08CA7594305C6E69A5C92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59FE2DA5642CA6D40B3E21226AA37E29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED89B3980AF4FC3DE32FFBF8A7A9C0B8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6ADFAAE52D4C3816E40ADCBC43CBD576
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Frame ID: BF8C5B96F28687D437A55EBA12250765
Requests: 11 HTTP requests in this frame

Frame: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A76B5A3F2160154E5221598CDCE42FAB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Frame ID: D3D39E20FB73E1D84A2DFE7A0476130E
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfT6-BUUCnWGiDxr730s6_g9UURrxYnbzDWg4I8k0ep2ufhP1Y431ZcVKQJ60MD27dUWX9J0nb2ij7x_tTsJB5nFzUZwulCiq6t2MtjELofuRByXsfTYahBX8CfD05GNR44ohsKTxYg6Zt4NMYN4EbfhsTMTax9SSAedjuLoPMfj9A7MQWSJUKH9gac9hymlinoQ4mnqFw5v46GGiNGOvWL0IDw0XOHR6SjSRFWIlSGbQcQEL1Skzats38EJFkeNVbUlW9AXeWgziH7cCej7aH-9Fuku3gDmsaNhxZLiudhBvlovbyujAPr5FN&sai=AMfl-YS4cV92VQ-BbQ71NJAgTaPMfMSGKBM9NypH7rBu4laHPrZZBqWsrchdin_JQZPD5baCoDtBJuLbr_nJJAZkvfnJjRmMhUMMV3KUVblD9OEz7gOcavRZBkBpXk3R-Vsj&sig=Cg0ArKJSzHhshKJcAtm_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6FF7F88D7AFCD1FF0B1D733E13B24378
Requests: 11 HTTP requests in this frame

Frame: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC585E30C29BB3E93FA205941E13B3C8
Requests: 16 HTTP requests in this frame

Frame: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27504F7780E6541FA7EB01E8D0460933
Requests: 10 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=2033177727147589838.3843878600110830905
Frame ID: 48C122CC9EC7F99D259D8AC74B0D08FB
Requests: 19 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 0E6432D7389BEF55F6827D747828E3B7
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7607994ECB3509D3DACD509E48E0D1D2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4BCBC025CCC1FD97D0E972609F720948
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 711526D2A415825287B0BD725CFB8978
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03EA0001BE3BFE78416C21C03A28BB85
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 685426481A0069EACD5FFE77EB754630
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E7837CCC12FC10436A4A137485C6649
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 5300F3B32A2AEE1C312DAF09179036F6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1666380926195
Frame ID: 69CF93FBD6328E76F74D35DE52E8CBC5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1A0E4D656D5FADB5341E584943A93AC5
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 23EB8EB6FB78A5495E5A76720093F7D4
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8796BA4DBC340343E7DF0255533E58B9
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FF91A3A98C042CB8C435C72423CA58DC
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: CA82492859E2FF405295FA78E702C85E
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 611700C1057BE39346E16EF4E6F4D048
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1B05474C157F53890FC4FCD06518202E
Requests: 13 HTTP requests in this frame

Frame: blob://https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4
Frame ID: 3EA31E025BFA724DA5F307C453EF0768
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 647C6C2170FA4CF0C6ACC0A08DDCC464
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 497B7D878C9DBB40225623A74E6E6ED9
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=rkt&refUrl=&vid=63809309313093825276832204000V10&ovsid=1976306189845025023
Frame ID: D7054F922AF2838790936CE9C2B510F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Frame ID: 082E63ACE08F612F3A34EBF0600A5A67
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 295F6B00B374AF79E07CECEF0B8F73D2
Requests: 5 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9009627DAC7380EF42B27CC72C6883C0
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: BCB964E0582B339017F388AF4056D8F1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D97C1AB6A47FF9759C5EDE58E5CD99B9
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B03F72638FC0DD1E35AE95399F273855
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 2E7CF855EA9ED73BD2E94CDFEED9E7F1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 6C6C8523B1F2763810DC9CC5D39F2D01
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Frame ID: F3E1F9EDDC8CB99F7652CE2AA66AC669
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Frame ID: 81DEFC60D6BDB0B52FBF2D40828F403E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Frame ID: CC55A9A83D2F11942C07975AD30BB259
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xiolsqy0zzz
Frame ID: 204910EAB36EB98130BCD5C651008C04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H51zzE-acZgElyCYGZprxxmbJJgEzX-cEJ56tnap
Frame ID: 20889D78ABEB919194F5690242399CE8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7501827152657204586&gdpr=0&gdpr_consent=
Frame ID: B0787FC239F14C1AFC9ADCCC1C535952
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 65EE44A6FF0B85DB58538B7A08586D77
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kEoEJVJTS-NBAvTVnKfN-K310YI
Frame ID: 0E6451A0462D6663E7CE866648FA68F9
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 49B8B3004449C2711DAD1035DA811116
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=UoafA6vpA5KnzS7HhPRSYw
Frame ID: DB0441E8EAB3BC5608501FFED27B3C87
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=babaf9eaa4af433e8dceb3bca6b77cbf
Frame ID: F57873C3008DE39D9F041234E0D25920
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Frame ID: 26497AE3E0EDEE1B568FF6692B75BE8E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KllpDhQH1OLXNL5&gdpr=0&gdpr_consent=
Frame ID: 4FA2EF60D2EEEF5152CEB95A3703902F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=870b7612-5177-11ed-ae01-54a68b330875
Frame ID: B461378BE82FCD994BC474424CE34FE3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rhy&i=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Frame ID: B2F462B9C6B251B52ED1AE3C2889E3D0
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ce7d40a3-0357-428b-b4d3-1d0b87ad79e1-tucta4c7a04&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B16F66E61FAB16E43E2820BEE569B753
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6493FB2A4471E3C5F4C073B58101315F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F5FD55CDDAC312980A14BC7D34E6CB35
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 91040592F3471C8DB602A5A5595A4E30
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=pba&refUrl=&vid=63809309313093825276832204000V10&ovsid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Frame ID: DFB56653E6558CABBEF39170D5EC497D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Frame ID: F75612EC5A34FB4A1FC889368CD51E4E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Frame ID: 56034D58A7FE73BD30632F3403164019
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV83NWFmODE0Yi04MTVlLTRjN2QtOTkxMS1iNjBhOGUzZjYwNjk=&gdpr=0&gdpr_consent=
Frame ID: BE77DDD31149E4F14567DC443A78DD2C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 09B93C7D7BD5055E0169D7FE33FC4E23
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=18e01040-c1b4-4d65-84d0-2effa943fb60
Frame ID: EF1F7E17D7C7CAB1FAFD2460A5CDD682
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 60405DC8B94AF3C7AC8CAFBCBDEC41C6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1L0hMCo8XUAACBNFdwAAAAA
Frame ID: 07C3C0FB4B61D6502A68E348F9FE221D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Frame ID: E57CB71EAF938E1AED4C708D388A6D59
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=b7gTcOouOLY3xsQPdykv&pi=gumgum&tc=1
Frame ID: 1863E5D947E89A927C9CB59E8D30AF27
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 70376D9F536D0BB9B3D0B8804AD6DC2C
Requests: 3 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1EFC511CBCA27DE6CF2FBDB547095A71
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
Frame ID: A594F5C537ACF8447C8444817C47B416
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Frame ID: A170713F558CD328A8DDEE2604A3602F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: FB46B89ED64E525F5BE363195C11CCEF
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Frame ID: 0369D6D3330E5610C387FFC40AF2933A
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Frame ID: CD94D5475F3F39C61CEE4DD7D498ADAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

海軍新一批生長期班飛行學員結業,有個新突破 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

514
Requests

72 %
HTTPS

0 %
IPv6

109
Domains

172
Subdomains

103
IPs

10
Countries

3701 kB
Transfer

8977 kB
Size

104
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Request Chain 127
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1L0fpUVRrvg7nfAfPh9bgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHlynJs02mHlFuymEVMl5Oo&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Request Chain 129
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwMDA5NDU4NjcwODkxNTcxNg%3D%3D
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Request Chain 132
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1L0fn7yrPLoQcPWgjaiogAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHlynJs02mHlFuymEVMl5Oo&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Request Chain 134
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk4MzU0NzA0NzExODI0Njk5Ng%3D%3D
Request Chain 150
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_cver=1&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeXSn3I7VCF5ttKBDgTt5RFO17xK-1QBxvJW4ihz8iAaL5RklwyMfaRCHXjm7rz29jadJ9wOnGHzt-E4Y65g2mnD7XGmGtlkrtJ8Qso HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=26e8ebc23f1020af&is_secure=true&networkId=14000&version=1&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_cver=1&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeXSn3I7VCF5ttKBDgTt5RFO17xK-1QBxvJW4ihz8iAaL5RklwyMfaRCHXjm7rz29jadJ9wOnGHzt-E4Y65g2mnD7XGmGtlkrtJ8Qso HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0NjBEZh2gMyvvE1AAAAAAA&expiration=1666467327&google_cver=1&is_secure=true&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeXSn3I7VCF5ttKBDgTt5RFO17xK-1QBxvJW4ihz8iAaL5RklwyMfaRCHXjm7rz29jadJ9wOnGHzt-E4Y65g2mnD7XGmGtlkrtJ8Qso
Request Chain 151
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENYLK-SP1o0H_FdvpwGH2L8&google_cver=1&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBoPxtIq68_pHJ6dlBUvkzNgALt5HHG4R7hvDhZP_nvA9gA7e7q1DMNQ35CGa8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBoPxtIq68_pHJ6dlBUvkzNgALt5HHG4R7hvDhZP_nvA9gA7e7q1DMNQ35CGa8
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHXnqUuupIMieD5QbRVCBxw&google_cver=1&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQlliFXl0uiquRbO6v7ehWo73MEYeo9Y HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHXnqUuupIMieD5QbRVCBxw&google_cver=1&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQlliFXl0uiquRbO6v7ehWo73MEYeo9Y HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8e30d2f-61ec-4802-a103-57a098722b8a&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524560487958652797&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524560487958652797&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e6dd36e3-0a67-4488-b839-23f315d550e5&ssp=google_jp&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524560487958652797&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208840804311005467984&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524560487958652797&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQlliFXl0uiquRbO6v7ehWo73MEYeo9Y&google_hm=6OMNL2HsSAKhA1egmHIrig==
Request Chain 154
  • https://cs.media.net/cksync?type=g&google_gid=CAESEL4KwZeaQbdPxnxKiujSprU&google_cver=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJshC8tp0albh7CgbZ0UUrMvQzrnlUyWgwIDOSY1V35X_r5AkpywS-YWdGtcMuZzBPSvMeqzbr1MbIbCAXSQobaof96aIJiHe_fk5D3yEVe5mKQPL6gTcdNWxVnP9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJshC8tp0albh7CgbZ0UUrMvQzrnlUyWgwIDOSY1V35X_r5AkpywS-YWdGtcMuZzBPSvMeqzbr1MbIbCAXSQobaof96aIJiHe_fk5D3yEVe5mKQPL6gTcdNWxVnP9A&gdpr=&gdpr_consent=
Request Chain 156
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIIboHTTsozzfCS4eJaVejQ&google_cver=1&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEPg2wz-oI4RiaZ694GHDxMeojhH3QAvuLfjmPa6csBk702iuPDfdAQAWYN9iBR_EBN09XBBmPw9QFEs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEPg2wz-oI4RiaZ694GHDxMeojhH3QAvuLfjmPa6csBk702iuPDfdAQAWYN9iBR_EBN09XBBmPw9QFEs&google_hm=NDE1NDE5ODQwMzIyMTU5MjAxOQ%3D%3D
Request Chain 158
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1&google_push=AZmPxg_SyI3MDr35L6p0G7wm7EGbpwP0sWaKuI9vMk90G1E1fWPIY35B4O6dQN4mBauOgVmPpEkTkcMeoQXhB5dLSc9lmfdqR8cuSaiTZEBGrooTmT1AJaiy17a8gW6QTPBk_0CJatQe-shR_dg-pmhYxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0MzY5MjMyMjIwODE1MjM5MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
Request Chain 159
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAr5zVl5rtirNsF9goc9rM4&google_cver=1&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZHcPIrqDXf3cl5lncMWiW9ZKvPZm8YlHFb_K4LhYhR3oX-1YzZ28TisTdp9MPcNBloegm2m15KEQQpd8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZHcPIrqDXf3cl5lncMWiW9ZKvPZm8YlHFb_K4LhYhR3oX-1YzZ28TisTdp9MPcNBloegm2m15KEQQpd8
Request Chain 160
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECRFX9bG3P9UE7z9uDvHtXU&google_cver=1&google_push=AZmPxg9EKWAtSXwD-NnvCMl-K7vd2Au4zW906j_aSMoyMYXQrHG_58zQDHxjxFkaQhKUaoRXGfXD8Q7PgQ_8bo5nUJs01dpbvKzMHibqp2KlNq_oLw8aHniUfg2-kYyn9p32aST9j_CSthbxHseDGPwScJc HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECRFX9bG3P9UE7z9uDvHtXU&google_cver=1&google_push=AZmPxg9EKWAtSXwD-NnvCMl-K7vd2Au4zW906j_aSMoyMYXQrHG_58zQDHxjxFkaQhKUaoRXGfXD8Q7PgQ_8bo5nUJs01dpbvKzMHibqp2KlNq_oLw8aHniUfg2-kYyn9p32aST9j_CSthbxHseDGPwScJc&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9EKWAtSXwD-NnvCMl-K7vd2Au4zW906j_aSMoyMYXQrHG_58zQDHxjxFkaQhKUaoRXGfXD8Q7PgQ_8bo5nUJs01dpbvKzMHibqp2KlNq_oLw8aHniUfg2-kYyn9p32aST9j_CSthbxHseDGPwScJc
Request Chain 161
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEL9v3wG3my3GYiUzRx9RDdI&google_cver=1&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlVgv2J_E7GbNPMQvhFxaL8YMxgNSDTxrN0DX3Mk3z0ZUABZk_Q274X2dhB_FfBvFQRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1NzE1NTAwNTMwMTMyNDMyOTA&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlVgv2J_E7GbNPMQvhFxaL8YMxgNSDTxrN0DX3Mk3z0ZUABZk_Q274X2dhB_FfBvFQRg
Request Chain 162
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEAqS46O0O9JYu2T3YjKBK1o&google_cver=1&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROIusjZqrAVd33dQK_lhs9Zu3--0bcPTtRvSBLOD_RjAHQEYck2I5PaDOi6I2bt4txXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROIusjZqrAVd33dQK_lhs9Zu3--0bcPTtRvSBLOD_RjAHQEYck2I5PaDOi6I2bt4txXA&google_hm=ASI4XNKEKkn7kCrlL855c3s
Request Chain 163
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHaJwhN9HoK9davzUl4o34I&google_cver=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Araa34dbh5eCw_tkslTJR4B9ALCyGNiJc7gMPLrN2zVgeZrkvDLFEqKlZ7BJvwsVN7bMcmX6mR2YFoVr0qIPBHfobSMZ_KL38B7vY5n6S5B6ktLqC13xUPY3zy18Fyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Araa34dbh5eCw_tkslTJR4B9ALCyGNiJc7gMPLrN2zVgeZrkvDLFEqKlZ7BJvwsVN7bMcmX6mR2YFoVr0qIPBHfobSMZ_KL38B7vY5n6S5B6ktLqC13xUPY3zy18Fyg&gdpr=&gdpr_consent=
Request Chain 164
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECnMMGLcPCYJYcav9rLpdOs&google_cver=1&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVMeoNtF-UJ7UyHPDrqbXw-pwFsWD-m-72VLeVajRXQCRjJo8SMrdAs_K0IWujRus7SolXaLsXJI-BJM2Fvj2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECnMMGLcPCYJYcav9rLpdOs&google_cver=1&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVMeoNtF-UJ7UyHPDrqbXw-pwFsWD-m-72VLeVajRXQCRjJo8SMrdAs_K0IWujRus7SolXaLsXJI-BJM2Fvj2&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11MHh1WWQxRTJ1R29JaUZobko5TTJDZzNyY0Q5NGk2b35B&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVMeoNtF-UJ7UyHPDrqbXw-pwFsWD-m-72VLeVajRXQCRjJo8SMrdAs_K0IWujRus7SolXaLsXJI-BJM2Fvj2
Request Chain 260
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1&google_push=AZmPxg8NkG3REFTamVMLuClabQyKDGRD3AZ5L_jTLH_yo7CekOFSHB8ZXVXOoUpNIuJA7AC3xc1TDfsWTb3mdSYRxI1Wcw-WyibxRE94gBcpBbXT4Cjyrtf2OkwNtQb5t208dKSoh7gViHs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0MzY5MjMyMjIwODE1MjM5MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
Request Chain 261
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuTPj-lggizCciUSWw2SFHNl3VWypEXsizOtijiMGqaAk6oQQLDrXculuDkD7M7f4hcaaQNvg_coDk_m7KMvBW2EjZNf4uiPCNw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuTPj-lggizCciUSWw2SFHNl3VWypEXsizOtijiMGqaAk6oQQLDrXculuDkD7M7f4hcaaQNvg_coDk_m7KMvBW2EjZNf4uiPCNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2xscERoUUgxT0xYTkw1&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuTPj-lggizCciUSWw2SFHNl3VWypEXsizOtijiMGqaAk6oQQLDrXculuDkD7M7f4hcaaQNvg_coDk_m7KMvBW2EjZNf4uiPCNw
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOukcUdl1JeA0pi8OEllITw&google_cver=1&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31kv5oCRdVLfkpxNiLKcplb7oK7WqwbKy-wo2XDoWMV8eLkyTsWx3Z0RH0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31kv5oCRdVLfkpxNiLKcplb7oK7WqwbKy-wo2XDoWMV8eLkyTsWx3Z0RH0
Request Chain 263
  • https://um.simpli.fi/gp_match?google_gid=CAESEAWIBK-OqkFRopPbvxkKm2g&google_cver=1&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn7CNOJi8TlEpbcodnxsSzK96sTsSeTdHGwmisKYci6XIKXz9eG4mvA7Ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D4208B9EDAC34075BA69BE67A02F5842&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn7CNOJi8TlEpbcodnxsSzK96sTsSeTdHGwmisKYci6XIKXz9eG4mvA7Ig
Request Chain 264
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKykCnCu7OsT80-iqLGfRiU&google_cver=1&google_push=AZmPxg9593R_ZMKcGAvRUa7mO0_zVsFba8IghxfNWr5d8l-s0alBE48I8X9i28F9rURBT35UrQeN5oG8EXvtbCJZdgSfJ7vWE1lD4XK83V0izpNKDvvqajVbo5MVJD7ZAcWGKWh1KIRiwW8 HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKykCnCu7OsT80-iqLGfRiU&google_cver=1&google_push=AZmPxg9593R_ZMKcGAvRUa7mO0_zVsFba8IghxfNWr5d8l-s0alBE48I8X9i28F9rURBT35UrQeN5oG8EXvtbCJZdgSfJ7vWE1lD4XK83V0izpNKDvvqajVbo5MVJD7ZAcWGKWh1KIRiwW8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MThlMDEwNDAtYzFiNC00ZDY1LTg0ZDAtMmVmZmE5NDNmYjYw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=18e01040-c1b4-4d65-84d0-2effa943fb60
Request Chain 265
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJnCRBo1f3jEBcONK0nwWRo&google_cver=1&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEzccQmRITABKdPflwBhvAZNXnp8TbZgL68mJ09aE2q4c40MnJ00HekHMQF4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEzccQmRITABKdPflwBhvAZNXnp8TbZgL68mJ09aE2q4c40MnJ00HekHMQF4&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
Request Chain 266
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_cver=1&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXMl7zlUyZop6eE HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXMl7zlUyZop6eE&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXMl7zlUyZop6eE&google_hm=RWIwYjRfbG1LNDAzMmM2cTNEOTY=
Request Chain 277
  • https://rtd-tm.everesttech.net/upi/?sid=iAmSr5a7S9XnZJ29VY9u&cs=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFMMGZ3QUFBTXZoNHdBSw
Request Chain 278
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=4432968218687010311;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs HTTP 302
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Request Chain 280
  • https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOukcUdl1JeA0pi8OEllITw&google_cver=1&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsADeqhtmXnNlCyicqbpVOipK4uzs5U6f1-4X0UeqlYz1qmk8D1WmUPjnqu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsADeqhtmXnNlCyicqbpVOipK4uzs5U6f1-4X0UeqlYz1qmk8D1WmUPjnqu
Request Chain 286
  • https://um.simpli.fi/gp_match?google_gid=CAESEAWIBK-OqkFRopPbvxkKm2g&google_cver=1&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRbF9VyyS8bSan079Dd6EhbKQqZ3QVfmv5oOr6EhGPG9b15skXOlNhiwZytPBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2EB9873C83048939AA9FBD5914232D7&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRbF9VyyS8bSan079Dd6EhbKQqZ3QVfmv5oOr6EhGPG9b15skXOlNhiwZytPBA
Request Chain 287
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEK2Lag5QxWmQO1bfdPdZPfw&google_cver=1&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o983z_OzMumcDu5CmAzNXfnjFFDv5UpiVdcPx7WV9nUceSDPG-PAuVg6yTdBtu2s-z5J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o983z_OzMumcDu5CmAzNXfnjFFDv5UpiVdcPx7WV9nUceSDPG-PAuVg6yTdBtu2s-z5J&google_hm=urr56qSvQz6NzrO8prd8v4I
Request Chain 288
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJnCRBo1f3jEBcONK0nwWRo&google_cver=1&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYgjakQM3k1dXK_9JL2DMQRmKFuWP0ORff5iJ3jn2ku7Oc3zPbgX8AGcZAWl7Dg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYgjakQM3k1dXK_9JL2DMQRmKFuWP0ORff5iJ3jn2ku7Oc3zPbgX8AGcZAWl7Dg&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
Request Chain 289
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_cver=1&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB5LspOimMzpJKDeg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB5LspOimMzpJKDeg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB5LspOimMzpJKDeg&google_hm=cmxScGpsRVdwSUdVUVBUWlNDUDA=
Request Chain 290
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBMlZLzAQvvpISfVHTuT2TU&google_cver=1&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g8wuZfPh-wFZdpoHwXx9Kjfm26BfX9tIIG-ibxdB_KxI3Sbg7YQfiehK8IveA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kEoEJVJTS-NBAvTVnKfN-K310YI&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g8wuZfPh-wFZdpoHwXx9Kjfm26BfX9tIIG-ibxdB_KxI3Sbg7YQfiehK8IveA
Request Chain 291
  • https://an.yandex.ru/mapuid/google/CAESEJeCsCD_df9UBAt6lg04rOY?ext-param=AZmPxg_klYkewkr19q4eN7DcBTYLG4xbjPHF3sZqqS6iXRqwNg5K7OrtvNifIZRp-OMrtHgxPeqBccagIhiFGVyKfpLsPS_qnYBZBLkraAMf76rcEY5g4NlltWdt0I-3wanoqFR3bjR6d1M6kTA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEJeCsCD_df9UBAt6lg04rOY?redir-setuniq=1&ext-param=AZmPxg_klYkewkr19q4eN7DcBTYLG4xbjPHF3sZqqS6iXRqwNg5K7OrtvNifIZRp-OMrtHgxPeqBccagIhiFGVyKfpLsPS_qnYBZBLkraAMf76rcEY5g4NlltWdt0I-3wanoqFR3bjR6d1M6kTA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJeCsCD_df9UBAt6lg04rOY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 332
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=35547a94-3441-442f-9002-2b0d5ff75255&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8e30d2f-61ec-4802-a103-57a098722b8a&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524560487958652797&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e6dd36e3-0a67-4488-b839-23f315d550e5&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524560487958652797&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208840804311005467984&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524560487958652797&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 339
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D35547a94-3441-442f-9002-2b0d5ff75255&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zNTU0N2E5NC0zNDQxLTQ0MmYtOTAwMi0yYjBkNWZmNzUyNTU%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/5?gdpr=0&gdpr_consent=&us_privacy=1---&A=35547a94-3441-442f-9002-2b0d5ff75255&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zNTU0N2E5NC0zNDQxLTQ0MmYtOTAwMi0yYjBkNWZmNzUyNTU%3D&uid=7501827152657204586 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zNTU0N2E5NC0zNDQxLTQ0MmYtOTAwMi0yYjBkNWZmNzUyNTU%253D%26uid%3D%24UID
Request Chain 340
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=35547a94-3441-442f-9002-2b0d5ff75255 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A&gdpr=0&gdpr_consent=
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1---
Request Chain 345
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 346
  • https://match.adsrvr.org/track/cmf/openx?oxid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=18e01040-c1b4-4d65-84d0-2effa943fb60&ttd_puid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0&gdpr_consent=
Request Chain 347
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1L0gsCo8XUAACBNFRYAAAAA
Request Chain 348
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeHgfJsAJnPwks8ADwG0sGvldc8AAAGD_AsgEg
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrccFFGgq5nZGGbv0GKxFA&google_cver=1
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=18e01040-c1b4-4d65-84d0-2effa943fb60&dongle=0cfd
Request Chain 357
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOf8Qxehqd4omb6UFJ1NnUQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 359
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D
Request Chain 360
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1103849637477511590286&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1103849637477511590286&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1&_expected_cookie=246249ede5fb092356201cc70cbf4e61
Request Chain 361
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1103849637477511590286&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f3e7e15b-a54b-4eeb-9c9c-28c584368c9a&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8e30d2f-61ec-4802-a103-57a098722b8a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 362
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1103849637477511590286?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-K.0ZxzJE2oSsstXM_e_lFyHMrgbBa8kxOlmdIKtr4A--~A&dongle=0883
Request Chain 363
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1103849637477511590286 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1103849637477511590286&dcc=t
Request Chain 365
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OJWFE4DKNRCVO4CJI5KVCUCULJJUGUBQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OJWFE4DKNRCVO4CJI5KVCUCULJJUGUBQ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=rlRpjlEWpIGUQPTZSCP0
Request Chain 366
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=18e01040-c1b4-4d65-84d0-2effa943fb60&expiration=1668972930&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
Request Chain 368
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Request Chain 370
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvH07GpekAACJP-GsyHg&expiration=1667590531
Request Chain 371
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1L0fwAAAMvh4wAK
Request Chain 372
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=B-wsdFfrLiAc5n8gAes0fwHqeyAcvCAkCO_07lyx
Request Chain 373
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Request Chain 378
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 379
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Drkt%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=rkt&refUrl=&vid=63809309313093825276832204000V10&ovsid=1976306189845025023
Request Chain 381
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dapx%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=apx&refUrl=&vid=63809309313093825276832204000V10&ovsid=7501827152657204586
Request Chain 382
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dopx%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=opx&refUrl=&vid=63809309313093825276832204000V10&ovsid=8b483c0b-b3bd-46ec-91c0-8c64dbe7982d
Request Chain 383
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dmma%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=mma&refUrl=&vid=63809309313093825276832204000V10&ovsid=c2dc6352-f481-4700-a9d3-3ff400100b3b
Request Chain 384
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%5BRX_UUID%5D&cb=1666380931442 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1510323250 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/18e01040-c1b4-4d65-84d0-2effa943fb60 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DRX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Request Chain 385
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=dxu&refUrl=&vid=63809309313093825276832204000V10&ovsid=KllpDhQH1OLXNL5
Request Chain 387
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a
Request Chain 388
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dzem%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLSNRJHA2TMIVLXASKHKVIVAVC2KNBVAMBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DGOBQHEZTAOJTGEZTAOJTHAZDKMRXGY4DGMRSGA2DAMBQKYYTAJTWONUWIPJTGA4TGOBSGUZDONRYGMZDEMBUGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLSNRJHA2TMIVLXASKHKVIVAVC2KNBVAMBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DGOBQHEZTAOJTGEZTAOJTHAZDKMRXGY4DGMRSGA2DAMBQKYYTAJTWONUWIPJTGA4TGOBSGUZDONRYGMZDEMBUGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=rlRpjlEWpIGUQPTZSCP0&refUrl=&type=zem&vid=63809309313093825276832204000V10&vsid=3093825276832204000V10
Request Chain 389
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3093825276832204000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3093825276832204000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=12139009-7b06-47ad-9e17-46e42eaf44f9&cs=1
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=18e01040-c1b4-4d65-84d0-2effa943fb60
Request Chain 399
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 401
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1YN-
Request Chain 402
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7501827152657204586
Request Chain 403
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FhQXCRZHLgQHpK1sSwOYRtmy
Request Chain 404
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FhQXELZHNPf978mLShyWL_ks
Request Chain 405
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=05451b47-381e-4905-82a7-82f375d37a41
Request Chain 406
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666380931441 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3990119685 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/18e01040-c1b4-4d65-84d0-2effa943fb60 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DRX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Request Chain 407
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=2018245962786263650
Request Chain 408
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=df706057-6329-4283-b6f7-4050a7e3cd51
Request Chain 409
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3375%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-b07ac557-c0e1-3731-a38b-3b3cfcfb4955&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTM1NTQ3YTk0LTM0NDEtNDQyZi05MDAyLTJiMGQ1ZmY3NTI1NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWIwN2FjNTU3LWMwZTEtMzczMS1hMzhiLTNiM2NmY2ZiNDk1NTICDBI4AQ== HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FhQXCRZHLgQHpK1sSwOYRtmy&r=Cid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTM1NTQ3YTk0LTM0NDEtNDQyZi05MDAyLTJiMGQ1ZmY3NTI1NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWIwN2FjNTU3LWMwZTEtMzczMS1hMzhiLTNiM2NmY2ZiNDk1NTICDBI4AQ== HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTM1NTQ3YTk0LTM0NDEtNDQyZi05MDAyLTJiMGQ1ZmY3NTI1NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWIwN2FjNTU3LWMwZTEtMzczMS1hMzhiLTNiM2NmY2ZiNDk1NTICDBI4Ag== HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=20df790f-4995-4e4f-ab36-7295cf1a8301&r=Cid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTM1NTQ3YTk0LTM0NDEtNDQyZi05MDAyLTJiMGQ1ZmY3NTI1NSZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLWIwN2FjNTU3LWMwZTEtMzczMS1hMzhiLTNiM2NmY2ZiNDk1NTICDBI4Ag== HTTP 302
  • https://prebid.a-mo.net/cchain/1/3375?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=35547a94-3441-442f-9002-2b0d5ff75255&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ua-b07ac557-c0e1-3731-a38b-3b3cfcfb4955
Request Chain 410
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
Request Chain 411
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYjA3YWM1NTctYzBlMS0zNzMxLWEzOGItM2IzY2ZjZmI0OTU1MgEGOAE=%26buyeruid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5034%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTURkaFl6VTFOeTFqTUdVeExUTTNNekV0WVRNNFlpMHpZak5qWm1ObVlqUTVOVFVxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqQTNZV00xTlRjdFl6QmxNUzB6TnpNeExXRXpPR0l0TTJJelkyWmpabUkwT1RVMU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
Request Chain 413
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzgwNjQxZTQwMzk4MWU3ZmI4ODIxMWVhNjAyOWE0YTAwNWEwMDQ4OA
Request Chain 414
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IW6FUB-20-2PMU
Request Chain 415
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=18e01040-c1b4-4d65-84d0-2effa943fb60&gdpr=0&gdpr_consent=&expires=30
Request Chain 416
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DfCxBu6QTsGUk3OAgplEqg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DfCxBu6QTsGUk3OAgplEqg
Request Chain 417
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVzZGVUItMjAtMlBNVQ==
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChKtZHZaYkJy7P2Wgjs05g&google_cver=1
Request Chain 419
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fWIbB3ZiRpCdwEBAWlyIl8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5263484574989854185
Request Chain 420
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CaBfaWD2RxivxA6KJY0rZA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CaBfaWD2RxivxA6KJY0rZA
Request Chain 422
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250804&expires=5 HTTP 302
  • https://cs.chocolateplatform.com/sync/bidder?advid=2008&bcid=e8e30d2f-61ec-4802-a103-57a098722b8a
Request Chain 423
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=c50f71fb-bfb6-4703-bfcb-c715dac86373&gdpr=0
Request Chain 424
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO8DMmDL84h49eWx_ZFSD7zcveHOZoiqh8g21Mtg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=4154198403221592019&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/7/3.gif?puid=4043691463762702402&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=18e01040-c1b4-4d65-84d0-2effa943fb60&ttl=%%TTL%% HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 427
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7501827152657204586
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2dc6352-f481-4700-a9d3-3ff400100b3b
Request Chain 429
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
Request Chain 430
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8843692322208152390
Request Chain 431
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
Request Chain 433
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KllpDhQH1OLXNL5
Request Chain 434
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=86ec32fa-56a3-84cd-1ee71360
Request Chain 437
  • https://c1.adform.net/serving/cookie/match?party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Request Chain 438
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Request Chain 440
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xiolsqy0zzz
Request Chain 441
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H51zzE-acZgElyCYGZprxxmbJJgEzX-cEJ56tnap
Request Chain 442
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7501827152657204586&gdpr=0&gdpr_consent=
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kEoEJVJTS-NBAvTVnKfN-K310YI
Request Chain 446
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=UoafA6vpA5KnzS7HhPRSYw
Request Chain 447
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=babaf9eaa4af433e8dceb3bca6b77cbf
Request Chain 449
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KllpDhQH1OLXNL5&gdpr=0&gdpr_consent=
Request Chain 450
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=870b7612-5177-11ed-ae01-54a68b330875
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004&rndcb=8191113242 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a&google_hm=ZThlMzBkMmYtNjFlYy00ODAyLWExMDMtNTdhMDk4NzIyYjhh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJmz9-BvqxHbnWDEwD4esbk&google_cver=1&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e8e30d2f-61ec-4802-a103-57a098722b8a?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Request Chain 452
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ce7d40a3-0357-428b-b4d3-1d0b87ad79e1-tucta4c7a04&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 453
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 458
  • https://idsync.rlcdn.com/420486.gif?partner_uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDk1MUFEMkNGLTdBNkUtNDAwRS1BOUY0LUNGQzI5QUQ3NUQzQxAAGg0IhOnLmgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=255fd4bfec8ce5e9c06b5d8fe128ee772e4d5f0de0e1a7de9ee8e6e8c614415c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNTVmZDRiZmVjOGNlNWU5YzA2YjVkOGZlMTI4ZWU3NzJlNGQ1ZjBkZTBlMWE3ZGU5ZWU4ZTZlOGM2MTQ0MTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIhenLmgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNTVmZDRiZmVjOGNlNWU5YzA2YjVkOGZlMTI4ZWU3NzJlNGQ1ZjBkZTBlMWE3ZGU5ZWU4ZTZlOGM2MTQ0MTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIhenLmgYSBAgCEABCAEoA&google_gid=CAESEGgSLY1kWY2KIcKVyfMMjpA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4a436b30-4552-41a6-979b-56f4610f183b
Request Chain 459
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c2dc6352-f481-4700-a9d3-3ff400100b3b
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTUxQUQyQ0YtN0E2RS00MDBFLUE5RjQtQ0ZDMjlBRDc1RDND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIntVG9b059DkTZ1v8kX0kc&google_cver=1
Request Chain 462
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
Request Chain 464
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18e01040-c1b4-4d65-84d0-2effa943fb60
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=483b58d4-3f5f-440d-8278-60f297733297&expires=1&user_group=5&ssp=pubmatic&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 466
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7501827152657204586
Request Chain 467
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6128369374465870102
Request Chain 468
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cx6zJGFE2uVweh70c2MiogK35NIVwFA-~A&gdpr=0&gdpr_consent=
Request Chain 469
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 470
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44485eab1fbd2073&is_secure=true&networkId=17100&version=1&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALh0NjBEZirgMJcNMTAAAAAAA&expiration=1666467332&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 472
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7501827152657204586
Request Chain 473
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_75af814b-815e-4c7d-9911-b60a8e3f6069&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=txJPsOcVTeSsGBzksRVXu7EUGOSsQkPguBGdeaOq HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8e30d2f-61ec-4802-a103-57a098722b8a
Request Chain 474
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_75af814b-815e-4c7d-9911-b60a8e3f6069&obuid=ENC(zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7501827152657204586&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 475
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b459f1e4-30a8-445a-95f4-e2e7a1580bb7
Request Chain 476
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-904a0425-5253-4be3-4102-f4d59ca7cdf8$ip$173.245.209.130
Request Chain 477
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bo_.92ZE2pfOTK8tvXj1a81ojKKl_IE4x7w3~A
Request Chain 478
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f216d31b-0b31-4487-a527-37d830980be9
Request Chain 481
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_75af814b-815e-4c7d-9911-b60a8e3f6069&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TMKJYGU3CFK5YESR2VKFIFIWSTINIDAJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TMKJYGU3CFK5YESR2VKFIFIWSTINIDAJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rlRpjlEWpIGUQPTZSCP0&us_privacy=1---
Request Chain 482
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=64369d98-8a2d-4a3c-9cc2-63ebe2b53a2c
Request Chain 483
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004&rndcb=7808810580 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d6e551d6-3816-42c7-ac76-372dc8eb941e&expires=1&user_group=5&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e8e30d2f-61ec-4802-a103-57a098722b8a?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Request Chain 484
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=83KN0WGY7VlW&ev=1&pid=558355
Request Chain 485
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4154198403221592019
Request Chain 489
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Request Chain 490
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Request Chain 493
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=18e01040-c1b4-4d65-84d0-2effa943fb60
Request Chain 495
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1L0hMCo8XUAACBNFdwAAAAA
Request Chain 496
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Request Chain 497
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=b7gTcOouOLY3xsQPdykv&pi=gumgum&tc=1
Request Chain 498
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 499
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9IW6FUB-20-2PMU HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9IW6FUB-20-2PMU
Request Chain 500
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9IW6FUB-20-2PMU HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L9IW6FUB-20-2PMU
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9IW6FUB-20-2PMU HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L9IW6FUB-20-2PMU
Request Chain 509
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
Request Chain 513
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6dd36e3-0a67-4488-b839-23f315d550e5%252C&gdpr=0&gdpr_consent=

514 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
www.bg3.co/a/ 		46 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
afaabe4aa45aec789f7eea4145a2ca4af22065314b47a27383d0649451cfbf31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Oct 2022 19:35:20 GMT
ETag
"b807-ctpZE5eFWQRlGsIHZAsSkrSdbts"
Expires
Fri, 21 Oct 2022 20:35:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 19:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72627
x-xss-protection
0
server
sffe
etag
"94dc74ec042f425a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 19:35:20 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 19:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9676
x-xss-protection
0
server
sffe
etag
"89bc2298b0b5dac0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 19:35:20 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 19:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"fa5fea1d25453090"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 19:35:20 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 19:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"4e6c8ca7bdbf4727"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 19:35:20 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1918
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjZe72Bo8FXwuY0Es9yG1PrDgVLjZgHhfZAWJ33luO45d9IzPPzhXFrZIpZRoM8KZC9wt6R1IoHarsSq15epzBiJTGTpOjTf0JDcxtjQJs0bLXN%2Bpnr8oCsGDFrSmb52gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75dc6f97ac66a829-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:21 GMT
content-encoding
br
last-modified
Fri, 21 Oct 2022 07:00:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=119
x-cf-geodata
AU
content-length
9035
expires
Fri, 21 Oct 2022 20:35:21 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:21 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-length
105274
expires
Fri, 21 Oct 2022 20:35:21 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1666380922.dop089.sj3.t,1666380922.cds205.sj3.hn,1666380922.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
4ad9867da110ff5af1bcdee8729b0c84.jpg
static.bg3.co/imgs/202208/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202208/4ad9867da110ff5af1bcdee8729b0c84.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74440a611a3743fc1029a006d02b5075af3e20a46d7a4e77ef7e05a38464d4d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Wed, 31 Aug 2022 02:15:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4AD9867DA110FF5AF1BCDEE8729B0C84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwCuVBXEG4MAkEilK%2BCIduKMp%2FLwbcvo7mKPxxPLC86IFD7CKZP0JhEaetuSz7w6uT2m4Rv5qNoi4sdK2%2BnoNvrddiyzcIMX%2FuXLJXIAP%2FLtEadJI6Ae3klXZM2h9Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9999d15515-SYD
content-length
12528
expires
Fri, 28 Oct 2022 19:35:22 GMT
c5df7e233f8eefb2246025af94edfef4.jpg
static.bg3.co/imgs/202207/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202207/c5df7e233f8eefb2246025af94edfef4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df10dd06d129115a2c661ed3b19d55cb62e21fcc23ada41b0dd1b98fc7cad9a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jul 2022 00:44:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C5DF7E233F8EEFB2246025AF94EDFEF4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpxMCY7jMsfz%2FUbj2R2FTupy4ftXpHq81oRMPMc7xWVDQrpMaLrbeoK44Rwxj7ix4fpXmHh7f38gybaIs2BJCU5zRa6KiFOS0TFWDksvpdNqa2lkNwAkk9SaIWLiF3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909975515-SYD
content-length
5528
expires
Fri, 28 Oct 2022 19:35:22 GMT
ad6788cdbb73c11b6f3442fc68539c6f.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ad6788cdbb73c11b6f3442fc68539c6f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1b5d2df4ec789b656829714d84c7d235b7694e1812492dd5faf99c17324b08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 15:50:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AD6788CDBB73C11B6F3442FC68539C6F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVQEsV6Y2W2Av2MxEDpK9kRSsC62OkXgBaMNgDiMZI8Qv2qevhJc1Di5EHDyH%2BnCQNV1qJJEEPg1zEFDge3k%2FVZzT6luFUuejXrNswsJqsADCB1c%2BYnOLC0LVsCK4HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909985515-SYD
content-length
5876
expires
Fri, 28 Oct 2022 19:35:22 GMT
1e10399e8e9757cbdbcf93d67a9a1506.jpg
static.bg3.co/imgs/202207/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202207/1e10399e8e9757cbdbcf93d67a9a1506.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a3b76c64a751f7487f248a658068f56cc9b77184476c8b0bfaefa5f14df33

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jul 2022 11:31:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1E10399E8E9757CBDBCF93D67A9A1506"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2g46jLjn1wBMhSCG%2F3WFMb%2F7uZbIn6juCo2pwBkdopCoR7xNg0Nr6obMXgaZfu%2FzT6NFg433N6K%2FRIflfQ3ekcHZClsgvv31EG6HwLgfGo6Qk8Ge%2BzsvxKfEl4SC3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909925515-SYD
content-length
8011
expires
Fri, 28 Oct 2022 19:35:22 GMT
13704e9588e1e629899cee378aeb0c31.jpg
static.bg3.co/imgs/202106/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/13704e9588e1e629899cee378aeb0c31.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f98288f80f8f6efa924dda183adac93bd524bbe2ad91c988b22991a4f7c813d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 20:49:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"13704E9588E1E629899CEE378AEB0C31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA1%2F6Uj7vl%2FqDlAkABqehKZ7VGTq39F0t3tY9cpBYsGRYCcSra6YOIo7%2BoRU9n1kXJuJHLehMz%2FY8WVTvFW7i37m8AsyuMNzK9TDvGxnGwjkV1sIf8zP9bk7l3C5cVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909935515-SYD
content-length
4510
expires
Fri, 28 Oct 2022 19:35:22 GMT
074c271f411352070c66b65eb3801179.jpg
static.bg3.co/imgs/202108/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202108/074c271f411352070c66b65eb3801179.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c62c94bdfb94071467f04fe908771c6a506339dc14d4b7746627b0a48308711

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Aug 2021 03:11:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"074C271F411352070C66B65EB3801179"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZQT%2BbQxPxNFi7EZjpsY4RDfHMwlJGLD5JXB7wdPGaZeTSGj2g%2B9858XqVIBl6tpHxgbHMeSwdPe95dEm3F8zUqZ95Jss2gRGvEVlOpBvYch%2F8JJCOFaNmtaSRBytPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909955515-SYD
content-length
2847
expires
Fri, 28 Oct 2022 19:35:22 GMT
309cd2178537b6c037d1133a91ccd985.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/309cd2178537b6c037d1133a91ccd985.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474fd7065e109e9c3a71ef4bd08ade415a9dd4c4dbec005261f31991172e492c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 13:52:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"309CD2178537B6C037D1133A91CCD985"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVuA6PLX82d0xuhZ%2FwVFp6DpceL0tIxFWOzlbr%2FpECIAZ0IrrOpyNPuyEyQ0c0ojCpeW7vZ%2F4FJ7AD%2BIPDtE6yswbmQ7lxZdJo5UWpEzQdx5hBc%2FAnx9eG6SJQUSMVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909945515-SYD
content-length
8944
expires
Fri, 28 Oct 2022 19:35:22 GMT
810d8afc409ac20e489d178efb9f71c7.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/810d8afc409ac20e489d178efb9f71c7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8712317a2e61de51a70bc8a8554268a5cc3118f22ba81f875a6428cdb42c44a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 14:48:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"810D8AFC409AC20E489D178EFB9F71C7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4whq6vq7sF4Cb%2BzfEGLwASVRWVcbvQl7Xm7kkF6gsK6lrDt6nAaMYn38EZVZuAR1TYxerqVyqYdUMLllmzvvAu86hHadF%2FxkxXpo0lTc83wZ5qeipj3rEpZhppGL9mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909915515-SYD
content-length
5444
expires
Fri, 28 Oct 2022 19:35:22 GMT
e729da7cf6a5349a4e2ecd3f61f11ab2.jpg
static.bg3.co/imgs/202111/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/e729da7cf6a5349a4e2ecd3f61f11ab2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3534de2f48969db245f439bcd09b861ee17f91e6d471cf3169904f6661c889

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Nov 2021 01:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E729DA7CF6A5349A4E2ECD3F61F11AB2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhseSEDh4ZMhFtr6%2BIjzapYwTsbKd6dJ1OTSjTdMmz4i4GmVmOnV%2FNrsqhj2bC%2FZgZJp0gIDlWVa3xF2eVtztaVJU67JWifo5qVcYaw8nKOmr7mKHB4iZNTEw4MJw%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6f9909965515-SYD
content-length
13824
expires
Fri, 28 Oct 2022 19:35:22 GMT
1bb00837864535811fcb645ddce0d795.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1bb00837864535811fcb645ddce0d795.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ea70000680c2a275bdfa33a020a40035e74272a905cdddf5a006de1767d27f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 07:31:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1BB00837864535811FCB645DDCE0D795"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0Bdob%2BwqBIG8v%2FaG%2FTpPwrTZqdOx08jDO%2BR4wvOxIw2t5%2FQ2sH7a5ETAjHXliLipwAHCtRbj6xC926Tk8UsCAj2J7GBTChp3qbi2o2N2luOn8DhDg%2B5akESoGToseM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa16cc15515-SYD
content-length
4009
expires
Fri, 28 Oct 2022 19:35:23 GMT
2ef83a453b6972a10fbd99477e3efc75.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2ef83a453b6972a10fbd99477e3efc75.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f40920d21a4a0c901d673fc56fef62254d76acf14198da71950f8936481ab8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 15:30:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2EF83A453B6972A10FBD99477E3EFC75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l68ocGhJi5scAGawRiJteVwVbKIF%2FCGlYev00a%2Bhtd4h69bO04AgEGGxg7LbNIVkzyGLC8kQoOQSx%2BRVv7VVDE4dCpPh7G08BdUg7kC6K0M8%2BIt8ohqDzQ2jUbPWR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa16cc25515-SYD
content-length
5061
expires
Fri, 28 Oct 2022 19:35:23 GMT
21024ff01f4ee6070bbe06665890b345.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/21024ff01f4ee6070bbe06665890b345.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef4f970876b5891897c17f9930c01c31e96099d6564de62503f53f953a07e70

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 06:53:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"21024FF01F4EE6070BBE06665890B345"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYcp8EWMokinGSvMZuVDvbuO4bFTXtH%2B1NOwLhoUwtuWGglkoSGpem5UVeFCGw0ZmZEeKJ7jxX5rl1lPdXo01TPpmVRMlIVJOBF%2FRXzw6TfDkg9uopn9aaxBgWgs83U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa2dd5a5515-SYD
content-length
5187
expires
Fri, 28 Oct 2022 19:35:23 GMT
7cdf380dad04f3a1696d09b33f55b11a.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7cdf380dad04f3a1696d09b33f55b11a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2813ee0e1c553ed4eaaa05596f3f264fc3d266a94cdf30762cce72725ad0eb8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 05:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7CDF380DAD04F3A1696D09B33F55B11A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AX%2Bo0I0LniSPdB1axI2nlgRKOSroPu%2BNBvFj9Dov1S6TjfJOkwl0oVIjG5%2BmlS1jAUfAt8%2BWMnIVPGZMCZlAOPeQIvrHmw3y5F8PFyu9AdF7flPjx7DTfkupSJdVKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa2dd5b5515-SYD
content-length
7251
expires
Fri, 28 Oct 2022 19:35:23 GMT
d239a4a563cdfb884fa25c5b9b8b6a85.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d239a4a563cdfb884fa25c5b9b8b6a85.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94471246aef9f3fe04c1e4fc2e8377b6ddfdb0f8f13761444161d0d8f2e8fa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 00:05:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D239A4A563CDFB884FA25C5B9B8B6A85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HTaF7%2FX%2Bpj9qO3Yz66v0i%2FNvZcD62oSBfnIX%2F5RpDP28wZsHWblmEmeEqGdTd8rdN8dF3o83Gd2yOPniAEM%2FtpzonLY6IDT0DMq9ucnynDZgxaO44KG24uxIm8y1UM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa2dd5d5515-SYD
content-length
6210
expires
Fri, 28 Oct 2022 19:35:23 GMT
144bcb8c726657e4f4e2d06ca1351b78.jpg
static.bg3.co/imgs/202106/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/144bcb8c726657e4f4e2d06ca1351b78.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6376c014d1a5f9dba7f40a72b3ac60ae4dcf49ac7318f2fc125faf564233b26

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 23:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"144BCB8C726657E4F4E2D06CA1351B78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgzT%2B%2Bg%2BZcbkyWqmKUuoo1yAHzpqMApN5PrDVmZsXVdeBKdYYynehgFnesS7Ff3vEpe%2B%2FVnH%2FHeQSi%2F1ShALDHgLPMQj%2FNXupBms4Ox3dByS9ZjXUtbIyKOw%2BkhA6lU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa51e4d5515-SYD
content-length
8480
expires
Fri, 28 Oct 2022 19:35:24 GMT
5562bdf34fb197fc2cceaf32e4541250.jpg
static.bg3.co/imgs/202111/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/5562bdf34fb197fc2cceaf32e4541250.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33052d6a85202e35a5a0ee4407cd5ad4f9f3e3b2c0b9d0b567b7cce960fd183c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 02:08:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5562BDF34FB197FC2CCEAF32E4541250"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXmR3EvAQBiVRgzCreRPdKzoPZ4Rz4npmTbCwDaCA42l5mrCt6fsrQ2yVpT79835WD0ZzkCIvzGtdm%2FHwRwzQjiVB69yiCyzIjw4zA9MbxmCnw%2Bc4sUxGZ3Ig0XJtTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa51e4e5515-SYD
content-length
5449
expires
Fri, 28 Oct 2022 19:35:23 GMT
b964d37b750fd46549b72adc35f2049e.jpg
static.bg3.co/imgs/202107/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/b964d37b750fd46549b72adc35f2049e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54520b2ede95b730e62b7351cdc5bd9efee86940ec18fd6168a184be03fd43b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Jul 2021 07:06:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B964D37B750FD46549B72ADC35F2049E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkbV6F9J%2Bue3FKG8vGinYiDINTUuP0ExvH0o3Q%2FVBZCZwyCz2vPG%2FX9uGn2FbZaG6Z8hcC2n0hYk7QfwiQ6M%2FwDVAN41QOAjrTgbRI25T4d8Hx%2BuLtKJ%2BSu5Fw3niz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa51e4f5515-SYD
content-length
9493
expires
Fri, 28 Oct 2022 19:35:24 GMT
892978e13f93d2a4ae55fcdce51eff1b.jpg
static.bg3.co/imgs/202112/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/892978e13f93d2a4ae55fcdce51eff1b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bddacf24ca4f5f48bdffcb3fb634a1bc8d0dc67cc1b3fa6e4674dfe1fc3901

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 08:19:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"892978E13F93D2A4AE55FCDCE51EFF1B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz0jYqPOYK26wMNVBk%2FOxgFqg%2B2WI6xtGGWoun8I3Pr5PUyfQiemCtko8vBYIlXDXfTtO2DwWwlx9rk9gPB8iw3A1rCj7XyOTjPi%2BXXmwRznmFxdJyzjlcV2mbvozHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa5ae915515-SYD
content-length
5690
expires
Fri, 28 Oct 2022 19:35:24 GMT
e4bb5f7ad6e08310a18b8c5ea587aa16.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e4bb5f7ad6e08310a18b8c5ea587aa16.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4969b4bf76345402a86ecab8fb5da6d49eb48e1d8100cab5c648581cfe9541e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 15:50:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E4BB5F7AD6E08310A18B8C5EA587AA16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqR1HYf%2BJbOpE67oQ8fS57L%2FbGSW%2F0xjElKf%2F%2BNEWIsqjEobCqOHLcSwvSTnbJpPk3Mb7n2w4HWV87kVG6Y6NAmVJBBkW%2BLgF0%2BWpDGhdaxdbLBRX3XyK4rxM9YboTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa5eea55515-SYD
content-length
4380
expires
Fri, 28 Oct 2022 19:35:23 GMT
3410a23c2f13ff29ff13ab9a42acaaf1.jpg
static.bg3.co/imgs/202203/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/3410a23c2f13ff29ff13ab9a42acaaf1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e091a29c92172cbde55adc06d9109071c4d7a1b2aa5a9d283473e0353411d9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Mar 2022 05:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3410A23C2F13FF29FF13AB9A42ACAAF1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkYCPVz5Q7i3RXEzlEM3bk6uU49UM%2FcnRF0XtXD%2BwVd61J7%2BGCons0Uvg18kPWNGgqwrL%2B6uy5KL%2FjUbPA9dLYhi5OcpqFOfJJW01lNDbNxM2fL0sMwjuXxPXMHQHM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa6af0d5515-SYD
content-length
17513
expires
Fri, 28 Oct 2022 19:35:24 GMT
6bc4c8417e536d901dde1d1f562dfe25.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6bc4c8417e536d901dde1d1f562dfe25.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c244523230d04076c228f37eeff99debfa3f8556900282113b39e7e6981462a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 11:06:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6BC4C8417E536D901DDE1D1F562DFE25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpxfyHkaSla4sa9tVMzERqWf8fJW4Ox4H0Rfq%2BR%2FJk50YPqBhN0x7yIjQVnOIBgvFxtF83Beiav75Bp43Qp0MOFgyvTXPc6PD3kpl%2Fx4DNVYA3H4OE4wteiaWriBXZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75dc6fa6af145515-SYD
content-length
7128
expires
Fri, 28 Oct 2022 19:35:24 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:17 GMT
age
249547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"a122783c89e19dfb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:17 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:17 GMT
age
249547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
etag
"cadad0096bbc82de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:17 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1666380924.dop089.sj3.t,1666380924.cds205.sj3.hn,1666380924.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:29 GMT
age
249535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23041
x-xss-protection
0
server
sffe
etag
"ea9f23854f5e71da"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:29 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
d032f559abab05823fd5efcd2e485a8fe441f821083e574b1df54e0233edc4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
602
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5679
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsSLVmZzgyrvrKaW%2Fb0%2Frz8O2Vrs4TkexdHoiOo8GxLI8LDK9gAMXQNnXiqoIMW5WSGIfco6FkjTqsLoBxJkbNrVEAo%2F1jkmGvBjMhpvw80wG8%2Bf%2FwbFTykTGymWYI4dpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
75dc6f986cd6a829-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f6d94121fc73ee7e556482349f1c1160d294a883410a5e062f8c38519d5ddf16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:22 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
f6d94121fc73ee7e556482349f1c1160d294a883410a5e062f8c38519d5ddf16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:22 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.20656401856737916&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:22 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9786126255344678&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:22 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:16:29 GMT
age
249535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
etag
"c8f64f42400c7620"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:16:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7ACF 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
aa11ea86c019f629c38f89edb2041c3938b3a9efe6de3e51703a7c22fce41058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39992
x-xss-protection
0
server
cafe
etag
1752476801148660295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 19:35:22 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FC56 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
3d19af45008ce69c11e8c4b67948814233bc01c14b5d594dec0cd3462782c3e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39986
x-xss-protection
0
server
cafe
etag
4658627812023867441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 19:35:22 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1666380922444
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:24 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Fri, 21 Oct 2022 20:35:24 GMT
gtag.json
cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:17:16 GMT
age
249486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"af0e5541a4a7e61b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:17:16 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 93E9 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3959
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75dc6f9f09e9aaea-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:35:22 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyCBh0BA4sgcFvy6ap3tkeiU0CY8%2BfhGqXRDXFGk%2BBZCYoOVarNg93lZ9inHF06ZUHLTbVlpaN3ElGysjEfdyY4HeLDg0PuUrwn5ves%2BAADE8hVqkz5mdvUKCLSpB5q9pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:24 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8F20 		714 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3959
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75dc6f9f9a24aaea-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:35:22 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEl2tHHyxzy5Q2KHvF2xOgWjmZveMggVPmJR53tVZlQiCvWYFtfS%2FlQYzkJaIZF3ewKgKSJJL2vp9EKbZNoZHIE0RHCedz3eqFAR4d%2FrDDHkpVZtqKN9Jl4pdAkEd96sig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 93E9 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
9ace4f561335a8c8904c2b302d50e0d47e532f8ae01f30e705a03c6583d389f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27385
x-xss-protection
0
server
sffe
etag
"1371 / 324 of 1000 / last-modified: 1666350345"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Oct 2022 19:35:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8F20 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
7da7c152f53634c4ca8ccfef1ddba9724c8b4b630a63a114d12938c7af0ea7d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27385
x-xss-protection
0
server
sffe
etag
"1371 / 873 of 1000 / last-modified: 1666350292"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Oct 2022 19:35:23 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 21 Oct 2022 19:35:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame 7ACF 		353 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
dbd4823276e5ec482f818631f1af3b15fa4c6d600a3617097eb7bae9538669f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127538
x-xss-protection
0
server
cafe
etag
2328516021447145886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 19:35:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame FC56 		353 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
bce9e081d218c2af98e81169cc19d412a8c7274f00c6c42ae1230bdb14f59394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127538
x-xss-protection
0
server
cafe
etag
2667900638152747999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Oct 2022 19:35:24 GMT
pubads_impl_2022101901.js
securepubads.g.doubleclick.net/gpt/ Frame 93E9 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 15:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130799
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:34:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Oct 2023 15:25:23 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B5%B7%E8%BB%8D%E6%96%B0%E4%B8%80%E6%89%B9%E7%94%9F%E9%95%B7%E6%9C%9F%E7%8F%AD%E9%A3%9B%E8%A1%8C%E5%AD%B8%E5%93%A1%E7%B5%90%E6%A5%AD%EF%BC%8C%E6%9C%89%E5%80%8B%E6%96%B0%E7%AA%81%E7%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-HZirLDaaJ-8PWpViWbHHdQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.03008581781710018&gjid=0.13412792150187958&_r=1&a=7105&z=0.8197234814232834&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ Frame 8F20 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 21:32:26 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
94168
expires
Sat, 21 Oct 2023 19:35:25 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
317
expires
Sat, 21 Oct 2023 19:35:25 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
17440
expires
Fri, 21 Oct 2022 20:35:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
7da7c152f53634c4ca8ccfef1ddba9724c8b4b630a63a114d12938c7af0ea7d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27385
x-xss-protection
0
server
sffe
etag
"1371 / 293 of 1000 / last-modified: 1666350292"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Oct 2022 19:35:24 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.com.au/adsid/ Frame 93E9 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 93E9 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 93E9 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=116958584231556&correlator=1707707952092723&eid=31070494&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666380924611&lmt=1644386353&dlt=1666380922786&idt=1798&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=fzaaqw9p3gwr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=42914706.1666380925&ga_sid=1666380925&ga_hid=388374644&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
84c62bd8c5a91a46ef0894bef6ac25d7fd977d22f28fd80e9df45e746f64d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E6D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:25 GMT
expires
Sat, 21 Oct 2023 19:35:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjYzODA5MjQ2MzksInBhY2tldElkIjoiMDAwMEE3MDEtMjQ3YzI2ZWQtNTI0NS00NjcwLWI3MDktOTNhZjg0M2E3ZmU3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1qdW4teGluLXlpLXBpLXNoZW5nLWNoYW5nLXFpLWJhbi1mZWkteGluZy14dWUteXVhbi1qaWUteWUteW91LWdlLXhpbi10dS1wby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5610.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjYzODA5MjQ2NDAsInBhY2tldElkIjoiMDAwMEE3MDEtMjQ3YzI2ZWQtNTI0NS00NjcwLWI3MDktOTNhZjg0M2E3ZmU3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1qdW4teGluLXlpLXBpLXNoZW5nLWNoYW5nLXFpLWJhbi1mZWkteGluZy14dWUteXVhbi1qaWUteWUteW91LWdlLXhpbi10dS1wby5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5610.89999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjYzODA5MjQ2NDAsInBhY2tldElkIjoiMDAwMEE3MDEtMjQ3YzI2ZWQtNTI0NS00NjcwLWI3MDktOTNhZjg0M2E3ZmU3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1qdW4teGluLXlpLXBpLXNoZW5nLWNoYW5nLXFpLWJhbi1mZWkteGluZy14dWUteXVhbi1qaWUteWUteW91LWdlLXhpbi10dS1wby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=5611.299999713898
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjYzODA5MjQ2NDQsInBhY2tldElkIjoiMDAwMEE3MDEtMjQ3YzI2ZWQtNTI0NS00NjcwLWI3MDktOTNhZjg0M2E3ZmU3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1qdW4teGluLXlpLXBpLXNoZW5nLWNoYW5nLXFpLWJhbi1mZWkteGluZy14dWUteXVhbi1qaWUteWUteW91LWdlLXhpbi10dS1wby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=5615.099999904633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjYzODA5MjQ2NDcsInBhY2tldElkIjoiMDAwMEE3MDEtMjQ3YzI2ZWQtNTI0NS00NjcwLWI3MDktOTNhZjg0M2E3ZmU3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1qdW4teGluLXlpLXBpLXNoZW5nLWNoYW5nLXFpLWJhbi1mZWkteGluZy14dWUteXVhbi1qaWUteWUteW91LWdlLXhpbi10dS1wby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=5617.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Oct 2022 22:25:57 GMT
age
248968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57866
x-xss-protection
0
server
sffe
etag
"a079e55eff1cbcb0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Oct 2023 22:25:57 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 8F20 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8F20 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8F20 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2352701535788158&correlator=3947085887614110&eid=31068498%2C44775319&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666380924680&lmt=1644386353&dlt=1666380922871&idt=1789&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=4ya7jmo9pr9o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=48116265.1666380925&ga_sid=1666380925&ga_hid=1031984074&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
80635e9ef2748ba71ab418355af60edb2f46b6a80ac7a93ba27b676fc00f86e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBCC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:25 GMT
expires
Sat, 21 Oct 2023 19:35:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 21:32:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:35:25 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7ACF 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
fd0de5f7d41be3db0fd9ef61c34d19d7a180bd9a274e5e1495a071640c7bdcc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 7ACF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7ACF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13E5 		21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
b2f747b38b406bc27665c2acea3562dc5dbf6b49c16dfe4052c7b7ee19f583c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:25 GMT
expires
Fri, 21 Oct 2022 19:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FC56 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ee542e058c48ee58ede04d1283ce09ecc457066bdc48d7a4260eac0e2e9502c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame FC56 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FC56 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E164 		21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
5224b2f163ef3e27af255497131bc5c1a4c99713258e27e1547be661ef6f1148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10626
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:25 GMT
expires
Fri, 21 Oct 2022 19:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 93E9 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
35ca76222f5e9076fed131635b13cbf0ce78ee41f3a04555de45b25e876aba40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11338
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F20 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
745345e0c052a7c122d4fb1bccfbb7763d62942f414a2e41f80e8c8eb01573ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11066
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 28 Oct 2022 19:35:26 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221021
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
16459
x-jsd-version
1.0.1499
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"663-m5zFW9QZB+4iGVgL4HRK+wU5t5E"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75dc6fb26e53a95f-SYD
cygnus
htlb.casalemedia.com/ 		36 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221305192b04cf8e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2289afa32155b318%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2211c62bb44788af7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22125e8317e438f24%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2290c86acd-b13a-43fb-a859-3ae20d2f390c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b631be39760d0a5178be461ca16659a404971b9aafdabb70278476a3ac326c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75dc6fb29f14a886-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221305192b04cf8e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211c62bb44788af7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22125e8317e438f24%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2290c86acd-b13a-43fb-a859-3ae20d2f390c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b631be39760d0a5178be461ca16659a404971b9aafdabb70278476a3ac326c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75dc6fb29f15a886-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/ 		752 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2903
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0aee38d39dbc2aa6064e12e59406ec0264f7a57a4fd630b4d3ccbb3611a87d10

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef7a57a302b36125eb5ba94568307ee15f9f69bad283cc56dbb847f3913b0929

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.121.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-121-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0d03d635346d3d5fe77d4422871021b2b91d56d87a1075764dd2b0f39e9f2491

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=90c86acd-b13a-43fb-a859-3ae20d2f390c%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=9805d94b-7b3b-47a3-91af-af9bb66eb7bc%3B8367b8fe-5db7-4551-843b-c1fb08ee7c19%3B56866f12-504a-43ef-8c43-079e74c6a31d&l_pb_bid_id=228a3e348a7cb3d%3B23933a9c03a5b31%3B2414357c1a63b06&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.7469042393986935
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
51c8802968db2aaddba0f3aea68631d5e21f1c042c6c0af3fd1136d8e7e97ff4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.144.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-144-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
5
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4c0ab4ae0248b6bf96bf3c23e7881771febea31be253ca161a311227fd7042ba

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Oct 2022 19:35:26 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ib.adnxs.com/ut/v3/ 		34 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6781c3c73b1f11152e870bd1e218e2c09c6e8a7ff6e44a4b0593e8a01f6f2c59
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Oct 2022 19:35:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
92138227-ed63-48ff-86e7-cf9a61283cda
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.151.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-151-123.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
accept-ch
sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
71a038ff05ef25a0224ee93700fec3242f38c0d513666da789cb4785f1d933bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
105
alt-svc
clear
c
prebid.a-mo.net/a/ 		584 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
632df954115706e27c82972cf5f28a037b04a3621d4bbf47d84bdf33fefa2cb4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
148
content-length
301
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0cab4d94-32d7-48da-9245-081c32ef47ce%2C7b590dc5-645d-46c9-ba4b-6fcd07e9486b%2C70b9e548-db21-429d-829d-e413783a2cfc&nocache=1666380925612&pubcid=90c86acd-b13a-43fb-a859-3ae20d2f390c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
df50e96c71b174d18e2c265d871f7f7a35f0adbb2892b5318a4e42535b33d044

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=107fed86-a3f5-4303-8d70-3b3f95c24733&nocache=1666380925613&pubcid=90c86acd-b13a-43fb-a859-3ae20d2f390c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9fbaf97a-9c2d-415a-9572-135c05ac281a&nocache=1666380925613&pubcid=90c86acd-b13a-43fb-a859-3ae20d2f390c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=355f6473-5860-4e0a-b82d-997d9e0439e8&nocache=1666380925613&pubcid=90c86acd-b13a-43fb-a859-3ae20d2f390c&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=20142934433
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 21 Oct 2022 19:35:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 93E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:26 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-535395998747397289.ampproject.net/2210010655000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-535395998747397289.ampproject.net/2210010655000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F20 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 683F 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C9E6 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOTubWldF59j4kWg-91lp8lIcbJru1yPC8XVIXqtL8-2i89_Trory6krrmRDgtpTqJzx3d3oyxJjTgmeNTJHoCLbV7pw&cry=1&dbm_d=AKAmf-CSk28B_SG76bCDTUu6Gs6CImtq6kVR0I1ASW_OpAQ6PuIB7LMt6zoAl82BLXhiIwk9sO-cwKRJozOeT6986FZuJ16lzfIpQ6bG4Wj2Rvr5b3DA3G7B-YQNgFe8dfhlyhZVSGfrYxsvDQ7ok7yc9xPFVKwHJIOQFZRpLq5UMn6X_sDh5WaI0P_-NSIPqutM7uphrOn3Rx_JOHGxKQkjP6Remi2SLCPfhXb-HwGHO2zUJ3WyQY5MgldodB9cMF19lG4OW9isgQaK5XEEORpOucI9vsLsGp21VcjF3SVs6fcsIk2bx7dDsNC1ShY1fieTZd_eHtDkB6tai0__OUla7KU-Dq95O90j3Ug8UqSxd6wHAmRspnKcTSh7shpaFQU2UlDrkWHwHgZy6_XD2EjRfZJDhtfJzlcl6ekJT0B8gcZHt_aUEfilKXNxZjJPO4W3q5IxZRw4DhEKnm8Br-vzah7Dy_cuWMdh1ozxx6sJREs1EcpiVRv6g3k57PNM2BKQy5De1-BipIgOs5bcpVpL7nTQRkIkuBxBbH1vvVWvBmZI5t7JAoreLYK-5bzUVKOZ8HCxYnWUi9dndAkBoCk58JYwUi_0Szp1hB_AxoH4x6rLMBDLMPHLd5IeNQOMHXN1gtMdc3cY9IV6cvSkuAoD9VZ9kUAbkvvZ1c-TswRzFGEawwNG5dl5CqwSrny5uCY4a8OfBIIAzjd0CFHxvvb08ze34ooqLxCM1Qh3k1Re7i6aCucrMaxPumrvs7UGbWIT5pP86xVrQJuYX4U_Oh4ZrqmwTJWPHFAlvH_D0d5McvmnDQgwnsUAyNX_3B8M_enQWxDR8ciUTx3OE-WKMcgt857ZSszKknLNaBs8XaCMtD_lSocagKcGj-Xgbc3sLx1XERAC5coho6jzWN5-8IlLqcKz59ntQP4I30QR5zFwyN_b_YaR1wNSO_KVY6sLrIfzV1CFSRUegwla38aeUANZtW7uASsr8UwWF1rCT0mRwt9maCRJFtdvbsTJZSBGI3hOWje1GAqE99dkUsWcE_7XvUkO5oY_S1nCzB7wBz5PR-NDTIKG5X5ixBS6rsTqcVR4gT6bBeGX8kCsm5EKbrpY6MJdkYCjgc8ZOLkEK6v1vULJnY1PpX1pnJPlGty5hBVojtxTjFvbe537k0dkR0To4fm4FqafjG2GyUdENyPAwy1buGn3hBw8wzBoamsUC6d1tuMNCzXlqJ2YyNrukeuCgbbaJ4-iRTKD4D6mD_syaLmVrE5eJp5GbVltwzA66yIOREhP77RNGVufKca2a0hovBFHaqdHbNMObnMi65PEMt0qTqp1rnqGlXBfwv4BBgW7kdrf4mu0OA00FNALXgrmQ_eciKlQCUpkWn7M1gY-8-8ynU6ObQGtc7wA_p_LxM55TqJ0_a0oL83sdlDgURcmslSEQPKPOoe24azbPCD-loFmVB2vZLhFJKaf5jP2CBr45P7BOLOawEmFqEcM9LQ77ZfbcEW0RtoKI8C2mPxr4po2pMM3kRzy3SNLBfIEJInsC4YHkVCktk9kpePIbjGLqfnMYzgMmNO6WzFD7bqz1XZrjwqwBulQ6otpqvWEO2yrnsuMS87ct3a66NoAvlKA0JwNJKFRuY_Yp8-SQiTICdcxC1XLhyd00bJjFUeOyFC_vxfiK5EHFWkrW1_xfV03f5iY9W1eQOWhKYmNFF6xwvjZN5wCHZQsT3sQSRGRq5FXXimF7p1LFTpAzSVRi7uXcQgAsvbAVmhbo_TXci5XroB0NZv-DU3_TWHA949vLMc-afurUyx-Ypi2pp4FysmXJnIw6eqsV0VT7diMYFQTEslyq_aVpvcC_wy85p3773pFUpS0vAjKfEpLkRkUNPCbd2jZbPIWM2h9m-2_1akGFxI2UbYI676GKlibDUaKEu-VZl5-AblgmVI7LaxHFHhCok7rHj-aM06DarSh-88tnIxqD8h1tOQvo_F9gXzD_oF1C42zZu65Mw0c1lURF8-6bHjkj30AmzUXD2qmKOmJj02DU2gKHyRHC6mU95bpH037KztQCuLAtmGQhZ5VqkQkXn0XZMMgc2Fma8rxy9KxSLzgXXH7sijrWYpvzV64x6HeolhTlm_7hEhsN5Uh0WKjVvCfNzxV9YMhTESHU97u970LUMhkyIVZsrbhJmX6z26iDXfv-r2wuP9xRSdjqzi_GEzKFF5dSl6XRZlKC-rt7R_Mv-TyzVE7MbMxdZuwB5pXdYQdLHF1tM-eQ75nLX3P1iXK8XMkcBWQ-FhubsHftJ-jlCwsK-xXZiLYcu6dXklumvF22d9UiwB9WakfcLWgujdTRYwlkiOBO7R89mN4rw7ZTW8t0_w2VXz1aVDK65xvsUvzRC7Ua7NK52T5O0_mA1nWfZqtRf99qE18CqDI74ALi5S3pppRKxFqHs6EMssOMZBoxEOegYJXctwnTpHRprA2artAIJJTBfXLZp6pHF1YHL1pgZKbDVK1rhID3e5ZlkquHgSHuS0PMhgKKETo7hcQgNJyZoG3Nu1KvWDWv8YM3Ghsr2B-B4U4M_BeNkL-V-O-Fmw9fhqZRQRNmhYS834Tt62CLU5oc20fgNyhIynRyByawZLsu5a-IPldPfAh9BHS6IY6fACaI1QBzh_meewkitA-6JnswQP-nw3WX7O2h_NrkVJ6VOhSG_c5aUfq3HMB8PeTTZ5aPDR6gu582E57FCzkmb7qtR1UaqRiY9pdsyJxpLihVQLYjbv4CrmBx7iqUNeLwQbFjC4jwKrgbv8NrwYiRozAtev2npuTbEVhWnNXr5EemxlPKFU88hVXNJgnaHHfQcYiUmTQLCp_o2HZlnb9H-sfYQG06FG5kxMrCLaYF6yvh7GWciV_lINwxS2cvGkRoGErM4mQboPMbZb9950fY_6GBYAu8ezXjPCHqL9GQJRZTdfg0HcEcHj6Ch_OjEuRxjG0oIgssrbwdIMyJS3mRTt_SblN8ZWvJmA0Wb1ptmAueJbOM25Ry1NKsIUod89awTHUMapofFLEn_yaatRacMPDyxgKpBekXAt1pGdIiXE4woDUe-xJ_Tz5baYs5qwy2Lg-PGPMEdUMnlyikU4ItxvyVenw8oZhH3JTMwjjgEwzhnGhacNnAKvGXufTrjVP1rB8-klPMG9p6nL7RvJz4WhT1R2u72bCZmwAKvMTw_1qewGZEWb_VH76vIvKvNvHFBO08El8rit2GTOhJHHl_T5_MowonDPufm9cgriBALctHAFWbODbzPYaUCaMWNfOKvEb2K2-RBLCFHoYOjbI09SobBY69-tvO-6xptU1mfW2WU7h70Wn8QXvIoibErEQft4hyxABuCisxQy96ZZe2C2xXQc-VQsGZgnfWWo34f3AVggDMutSkBcOYx6FuNSo&cid=CAQSKQDq26N9Yryw3u6k7d6zKVODAB7Gb4q0IEhg5TCouksPzkqHV9JuybV9GAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
098980589061ef1f96ebd793b2f82779ca5ec4e46316aacee1392b761c60b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34504
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame C9E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 16:16:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame C9E6 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:16 GMT
l
www.google.com/ads/measurement/ Frame C9E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTz_7cJ6ixhnDZV-DvUdGgFiJz7Tm2lVvgBZtcbP2DFMTHKN4r1tBhOW6P03_25rBMTlvAnXAzxw0fSfxXR7R4x2tWULg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C9E6 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9E6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKqTI9IScDXvdRZKhsCPwFQvkTAV1sW8Np41ZCLyPOT0-S0KOiGIy1JX5S-ic8I27FxDNbnxZkGW4UnT_lfHycHRt3bNxTefWXIt9iXvZUrIxsPwM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AA0B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4A48 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvkoPcYkS5w05f50iVQ3KGyq02W6jO7H4oSGh8LsoPHEVooAx35Jqb-cqQd0Bq5AlJM4mzM7oF0aT44ftu84M7oouRfA&cry=1&dbm_d=AKAmf-Ali6hW9Lt5mEOkfwSBg9TOHh5y7-uqgyjCFCrEojMFWwHr-c6uLJvgu_-iZiMStFnxQQv7e9wdHX1Ot6RdBxlkpMj7tipn1V-KvvT9BvxvTOH_E1pA_gyUUin7xGc8m8mA_VmuggMY6U-9Uuw1DL2eqCIdcCYjn_aCXrQ2TFQxw2PWXhePHYywra60u-B2-FAkQSqF9lRdRQF1oSBFiviy4zfLfiPYtuPQpNuWA6Q_FgpBxw-m0rYI_Qvjy_XG7FwJDGVZxgrS2EmX_p-RYeOtbM-V8_20Yo3iUw4MKjj7mcF-Zr8OnrSZYkJddsju68_xbNlYCwEVcMSiUKydqjeB7Sr935AK_9426srBUYAH7W0kqi2vBiQf5HaQ_zqNAC7EKQCCa4zq6T7IcBG4ShDuV7urlAOJk1KJnQ4txU_IvUS8NOJ9yALpjfA-dDyTfrPb_diPoAHCLd-HqL4V-16c8uS8AFEFXR9paAJMvwCnddZ_pnsCIJTmtOQQ20bvjGDLEE1Fdfdab2Z5Z-Au61cQZCmtJUT0sOJJF88UjajpXBgZtMk3t2DpyNeAiYa8Hl3-Pb6xskro59-3xTe_SN0zFxTByjNVxNRhctM5R7YywwjMrpNQkn0rR4eQ1_2CQKK6Yyav-Y4hxQqc_kH9BCT4CeOVIS9Ku_hrpYFHx_7W_HxRhEXQTOrU_GiS2dUuVkmfVQjZBJZpJdviCGDq2LvMOPC_n1H6H-E1JW8CA-rVPw3njo-0NmX28cmlc95zaDATxuYKfRTPrAqMcoWQUMG2FesWX8dCXOPR8AmClXUXmXPd9IEjPbs49OkfvDEtsAg34lvf5k2ATwzluQjONE7OAylr9dcYcL9kGIAWfrRtU3KjMgLABkRBTNSron8TtAu1a49l2y_Lnd4S6-0QHpabnk2wg3ROx6sjvpgpjjHN52D_vuqj9mJ1tiiLONEBrpcpDhjL2E-qqgLC90Pdk-RGBCG6ruqyafYYduO39SmT0olA01ICT0bF3HZFg4pSDb0fTifSrrE1hhuL7rp-FfZkLUd2QBJAckq_wdrnswIKs83MZ70Np82NIEpexPPdZRFne0aCOKnWRwazzHYdJy8-INQqOXLKa-vBNugKy1TEizFuzEOud4Vx5bKftLrhZOe2XjlCYweqYSUtmWrcck02___Zen-cfcfPDpJPYOPgxPNwOuMDnJbyvIw7gg3Ge4MbyeISu4U-TlsBAW92mnl365ZN268uqtKMR2UIoK8ntuZo7iK_IvJ2EqGVQvYPq699Pc2_jJpdpccPiGhRO000aJT2Xd3zJ-qqILy2_igRBKXF0OILYPOhaNRGqQDtYOBgs2JFWA9iDbue5C-_lrr1fwxmyhs1wxFHhWHrKVzuWKWrHsLeuA_46E-Yut2It_4h4rQBT22zpLs9KusjSadnfRkvaCCkvgYR2RRXUUGojdHYz1WDf0_zH44MJicFB5_e3Ka9yAEKCMgHeOyBUXxF7rm3hg1a9QQUX1X8-rsY_RDHBO5VfVy3PcjDu0eKsXIuKEv3B1Gyj-9C6HPhQzwSRX_jOelxp3Dh75x6vjbxdFwDy_h_h-annNdRjwDqgBx68RqG72puv94zYRv4JOdi17GTTy7PADqiz4OdSLQC_9lqqSNNeqb0-bNclH197sTKbbWUdPKY-Vbk1dPrdchc7GUNr5VpqlqZ4c_7IpwGapGRv1N5FfouloPDNQG0v5Yey1_pkvWo_27_LO0Hue79evvEJoLAnts1LdES7G-qV_OX21BcH1tGaYaqiiEZKVyM3j4OshdL8dlaWbQu_fQmvDK7i58gXyk_6-dVw-4KyzGf3x2kAZ20LKnhvqF5N7Vm5COoJ-T53ZUqxsH8ec5Coa0qdJlxLYM63x9RxepG3J1n5OzCb4niXNJsORPuPLXK4oDrUIBfwcGTIWJhpygpReSHqNbFImFvgOixlZCT2XwuJvEi54WXKVx65Ij0bMXO8YeSw2tvHZIuWerLcvkxGcx8IR0QCj1U8cwBwusyCIEYAztWNuetPs7R4yDPgKPwdAu7TFuLn3LkygUL4cgv_aLFK9PBHcJRpgrwTE9Lb_N7MQMlUWFdckYxigBabUPr9CDl4h1UeQTc0p7SO_1ypncF-WjRDsxc9lJ_1Y8EVOFwyVNtTKowdqqp2-ftSrZUJqwG5EwwtwXmYk6f3WHz8JuPjNT7g-KMPl-nUnXUHaEIvGGQEBEZuhaeBtcSt5WN0qplZLygYSdT3di-xeC6hziIvhbBu1yfwlZW6JvNl3VGDiyCOiMCYFAvJLSSgER6dV6GrDtYYWaAmpsc8CMEdIVxWFTo0Yi_ofD_YVXnYjfqLMW31tSmw1RRdWLaaEQwuC6hei7KW2oe64R6Npy_v_oBgPsyVR_ksnnXgCQCg8NUjroPSKKDQs9oxQMqUXoUqFlyVI_OMaUwj0nEpAmvOUUWOXRDhlMBvvAa-POUw-q5LSpb0xulHcw8Iw_hWtMGHVHiMJdG5gSnceGRFdhV_oV0W2O7048z4shjq9ocZwWhs1PA41YBKBDAQy4oCiS01Agaoe-J_fiYodqtpGH0wKfQkH3cKjzC_RDBIZPS6mm9MbEiDNjdO-ZiQVk685ETWXW0axCSl9WtHBcli3nYRbpgpeATS00bx1x4MN9OgVnahYS6KymyDKAABHuEQl-MNP2G2AOt3MILDOcWIU0oZtDHfbh2qJMqPXK7wIpwxjvGhWx93e_0Pux7o65WeGFbDxJ0Kik0Olgdz-P-WUudGrPTbdWAVwfMbUSdzGHDDsm1SpNlXx9deAsr71cBl2x5TP_Tx6U7bFYhiRHboAJjzMRXwJhnX-I78JYFuV850fk_W4z1NImsZZkwHMv235fU7_RSgh5fb-CzO2_agrKC7zUt1nQ61ERFrt-TmleDVw8Ysz0PBAzZDWnGNefNnM0o2kjf_mIHURlc2lOSJPpn4oDChwvSRbCaslBHOvoh_YktpCt7Qi_1c493BwtZWoyjv55cICfY6u99yfzCDe7aSP96Xuyj3mWGHYwJ_mUDR0I_pwLms2HBT8CZPNJ4uh6delNix3o7vLnavttthBmNUny2AylBYieimv_R64j-CTrUZK1Ye--cutFNPuuhet23kC3EUhTGZewblcCTnzmRrkHMDur73-kzkNnRXHjgu7apKBCY60BKd0Fll6VFwxbD9Jg8qYGQvjEUxL6uPRqON6xOQfVhqzwsKXp9W9Wz_ntzq9OQQpFWynDFCLyGLsoQIjP_UqevbrUfHXZh8tmujwP99Sed_wfAY_9IEOUSPqYM0HCs-DnKr-uym25jG9xVUJwlrGUS2gqE8r1oWdMhH8v2UePyvguQlQC1YCCWo0iX9bhfxQcRzZ-JxtjsMd_XziXe5HKdQfscUWXORkm03lWX3w&cid=CAQSKQDq26N9NDRoRAxuNtaQp_9GhKXc-OO7oiDY2x4xDzLHGupY14wHRJ3CGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
b92fc84da1b620da13bd9c59c923d0b9cc03748b1f19c295a26e65e9d5e6de0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34371
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4A48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 16:16:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 4A48 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:16 GMT
l
www.google.com/ads/measurement/ Frame 4A48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0VwTizk2bX_kyd_4CFKC_XmrS3Sv4fExeuSOdn6Mf1CrouHPZp8bM2AU43C-wQC56hW7Z5SNdme7iN-6Syw7kAbkBzA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A48 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A48 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLRio5binXPzRtRJe_QST54BM4OF8Pq1j2pcEpKJQwBAwVXSZm4mF9IcvE42iehbbZIm5CDYg6naCAp1-clkdTEWjnfxtqDGNMXMBjqTKw6aKwm0I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 683F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 683F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1L0fpUVRrvg7nfAfPh9bgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 683F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHlynJs02mHlFuymEVMl5Oo&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
AN-X-Request-Uuid
f98cb87e-af0d-45b0-ab60-915bbb957522
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
AN-X-Request-Uuid
e5d119fa-dcbb-4dc5-814b-77df75c462e9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 683F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwMDA5NDU4NjcwODkxNTcxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwMDA5NDU4NjcwODkxNTcxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNU3cbTq8B3TJtUWVeF6xxxmAaWWBfjmnL0cMwp1BD3_G85BFDGsYBMxq6rTnx1jEQrYzMuXgs95vK_WLHVGQepFJsQi1A
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
AN-X-Request-Uuid
3369c9b6-88cb-4b9f-8501-103ca22a8f17
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwMDA5NDU4NjcwODkxNTcxNg%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-36.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:05:05 GMT
via
1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
1823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
cR87cj6KpBTQ-ywCo0f2uMClM5SgzGki232a9P0wavqrLR3TAqg_yg==
rum
dsum-sec.casalemedia.com/ Frame AA0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame AA0B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1L0fn7yrPLoQcPWgjaiogAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpyf3Wc-oyn0nQMmyIvIqs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame AA0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHlynJs02mHlFuymEVMl5Oo&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
AN-X-Request-Uuid
ba092cec-7607-41bf-8572-8306928b0dc7
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
AN-X-Request-Uuid
3469cfe3-0e6e-4b9e-85ea-a05e871e5db1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHlynJs02mHlFuymEVMl5Oo%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA0B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk4MzU0NzA0NzExODI0Njk5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk4MzU0NzA0NzExODI0Njk5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDNlQEQgZDNoQMY6Nm30QEwAQ&v=APEucNXH_SAEU9F0VSofdv2-jFgmCWWNieCAVGL-VWZ1o9-OozYeRleW1zWo2_8IH0MySnXy0NGaGKAbek5kuTaX4cVcmDI1xQ
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:26 GMT
AN-X-Request-Uuid
28b8a183-791e-4201-a8f2-27fbd464e472
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk4MzU0NzA0NzExODI0Njk5Ng%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C9E6 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 01:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 01:23:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame C9E6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOTubWldF59j4kWg-91lp8lIcbJru1yPC8XVIXqtL8-2i89_Trory6krrmRDgtpTqJzx3d3oyxJjTgmeNTJHoCLbV7pw&cry=1&dbm_d=AKAmf-CSk28B_SG76bCDTUu6Gs6CImtq6kVR0I1ASW_OpAQ6PuIB7LMt6zoAl82BLXhiIwk9sO-cwKRJozOeT6986FZuJ16lzfIpQ6bG4Wj2Rvr5b3DA3G7B-YQNgFe8dfhlyhZVSGfrYxsvDQ7ok7yc9xPFVKwHJIOQFZRpLq5UMn6X_sDh5WaI0P_-NSIPqutM7uphrOn3Rx_JOHGxKQkjP6Remi2SLCPfhXb-HwGHO2zUJ3WyQY5MgldodB9cMF19lG4OW9isgQaK5XEEORpOucI9vsLsGp21VcjF3SVs6fcsIk2bx7dDsNC1ShY1fieTZd_eHtDkB6tai0__OUla7KU-Dq95O90j3Ug8UqSxd6wHAmRspnKcTSh7shpaFQU2UlDrkWHwHgZy6_XD2EjRfZJDhtfJzlcl6ekJT0B8gcZHt_aUEfilKXNxZjJPO4W3q5IxZRw4DhEKnm8Br-vzah7Dy_cuWMdh1ozxx6sJREs1EcpiVRv6g3k57PNM2BKQy5De1-BipIgOs5bcpVpL7nTQRkIkuBxBbH1vvVWvBmZI5t7JAoreLYK-5bzUVKOZ8HCxYnWUi9dndAkBoCk58JYwUi_0Szp1hB_AxoH4x6rLMBDLMPHLd5IeNQOMHXN1gtMdc3cY9IV6cvSkuAoD9VZ9kUAbkvvZ1c-TswRzFGEawwNG5dl5CqwSrny5uCY4a8OfBIIAzjd0CFHxvvb08ze34ooqLxCM1Qh3k1Re7i6aCucrMaxPumrvs7UGbWIT5pP86xVrQJuYX4U_Oh4ZrqmwTJWPHFAlvH_D0d5McvmnDQgwnsUAyNX_3B8M_enQWxDR8ciUTx3OE-WKMcgt857ZSszKknLNaBs8XaCMtD_lSocagKcGj-Xgbc3sLx1XERAC5coho6jzWN5-8IlLqcKz59ntQP4I30QR5zFwyN_b_YaR1wNSO_KVY6sLrIfzV1CFSRUegwla38aeUANZtW7uASsr8UwWF1rCT0mRwt9maCRJFtdvbsTJZSBGI3hOWje1GAqE99dkUsWcE_7XvUkO5oY_S1nCzB7wBz5PR-NDTIKG5X5ixBS6rsTqcVR4gT6bBeGX8kCsm5EKbrpY6MJdkYCjgc8ZOLkEK6v1vULJnY1PpX1pnJPlGty5hBVojtxTjFvbe537k0dkR0To4fm4FqafjG2GyUdENyPAwy1buGn3hBw8wzBoamsUC6d1tuMNCzXlqJ2YyNrukeuCgbbaJ4-iRTKD4D6mD_syaLmVrE5eJp5GbVltwzA66yIOREhP77RNGVufKca2a0hovBFHaqdHbNMObnMi65PEMt0qTqp1rnqGlXBfwv4BBgW7kdrf4mu0OA00FNALXgrmQ_eciKlQCUpkWn7M1gY-8-8ynU6ObQGtc7wA_p_LxM55TqJ0_a0oL83sdlDgURcmslSEQPKPOoe24azbPCD-loFmVB2vZLhFJKaf5jP2CBr45P7BOLOawEmFqEcM9LQ77ZfbcEW0RtoKI8C2mPxr4po2pMM3kRzy3SNLBfIEJInsC4YHkVCktk9kpePIbjGLqfnMYzgMmNO6WzFD7bqz1XZrjwqwBulQ6otpqvWEO2yrnsuMS87ct3a66NoAvlKA0JwNJKFRuY_Yp8-SQiTICdcxC1XLhyd00bJjFUeOyFC_vxfiK5EHFWkrW1_xfV03f5iY9W1eQOWhKYmNFF6xwvjZN5wCHZQsT3sQSRGRq5FXXimF7p1LFTpAzSVRi7uXcQgAsvbAVmhbo_TXci5XroB0NZv-DU3_TWHA949vLMc-afurUyx-Ypi2pp4FysmXJnIw6eqsV0VT7diMYFQTEslyq_aVpvcC_wy85p3773pFUpS0vAjKfEpLkRkUNPCbd2jZbPIWM2h9m-2_1akGFxI2UbYI676GKlibDUaKEu-VZl5-AblgmVI7LaxHFHhCok7rHj-aM06DarSh-88tnIxqD8h1tOQvo_F9gXzD_oF1C42zZu65Mw0c1lURF8-6bHjkj30AmzUXD2qmKOmJj02DU2gKHyRHC6mU95bpH037KztQCuLAtmGQhZ5VqkQkXn0XZMMgc2Fma8rxy9KxSLzgXXH7sijrWYpvzV64x6HeolhTlm_7hEhsN5Uh0WKjVvCfNzxV9YMhTESHU97u970LUMhkyIVZsrbhJmX6z26iDXfv-r2wuP9xRSdjqzi_GEzKFF5dSl6XRZlKC-rt7R_Mv-TyzVE7MbMxdZuwB5pXdYQdLHF1tM-eQ75nLX3P1iXK8XMkcBWQ-FhubsHftJ-jlCwsK-xXZiLYcu6dXklumvF22d9UiwB9WakfcLWgujdTRYwlkiOBO7R89mN4rw7ZTW8t0_w2VXz1aVDK65xvsUvzRC7Ua7NK52T5O0_mA1nWfZqtRf99qE18CqDI74ALi5S3pppRKxFqHs6EMssOMZBoxEOegYJXctwnTpHRprA2artAIJJTBfXLZp6pHF1YHL1pgZKbDVK1rhID3e5ZlkquHgSHuS0PMhgKKETo7hcQgNJyZoG3Nu1KvWDWv8YM3Ghsr2B-B4U4M_BeNkL-V-O-Fmw9fhqZRQRNmhYS834Tt62CLU5oc20fgNyhIynRyByawZLsu5a-IPldPfAh9BHS6IY6fACaI1QBzh_meewkitA-6JnswQP-nw3WX7O2h_NrkVJ6VOhSG_c5aUfq3HMB8PeTTZ5aPDR6gu582E57FCzkmb7qtR1UaqRiY9pdsyJxpLihVQLYjbv4CrmBx7iqUNeLwQbFjC4jwKrgbv8NrwYiRozAtev2npuTbEVhWnNXr5EemxlPKFU88hVXNJgnaHHfQcYiUmTQLCp_o2HZlnb9H-sfYQG06FG5kxMrCLaYF6yvh7GWciV_lINwxS2cvGkRoGErM4mQboPMbZb9950fY_6GBYAu8ezXjPCHqL9GQJRZTdfg0HcEcHj6Ch_OjEuRxjG0oIgssrbwdIMyJS3mRTt_SblN8ZWvJmA0Wb1ptmAueJbOM25Ry1NKsIUod89awTHUMapofFLEn_yaatRacMPDyxgKpBekXAt1pGdIiXE4woDUe-xJ_Tz5baYs5qwy2Lg-PGPMEdUMnlyikU4ItxvyVenw8oZhH3JTMwjjgEwzhnGhacNnAKvGXufTrjVP1rB8-klPMG9p6nL7RvJz4WhT1R2u72bCZmwAKvMTw_1qewGZEWb_VH76vIvKvNvHFBO08El8rit2GTOhJHHl_T5_MowonDPufm9cgriBALctHAFWbODbzPYaUCaMWNfOKvEb2K2-RBLCFHoYOjbI09SobBY69-tvO-6xptU1mfW2WU7h70Wn8QXvIoibErEQft4hyxABuCisxQy96ZZe2C2xXQc-VQsGZgnfWWo34f3AVggDMutSkBcOYx6FuNSo&cid=CAQSKQDq26N9Yryw3u6k7d6zKVODAB7Gb4q0IEhg5TCouksPzkqHV9JuybV9GAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:17:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame C9E6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOTubWldF59j4kWg-91lp8lIcbJru1yPC8XVIXqtL8-2i89_Trory6krrmRDgtpTqJzx3d3oyxJjTgmeNTJHoCLbV7pw&cry=1&dbm_d=AKAmf-CSk28B_SG76bCDTUu6Gs6CImtq6kVR0I1ASW_OpAQ6PuIB7LMt6zoAl82BLXhiIwk9sO-cwKRJozOeT6986FZuJ16lzfIpQ6bG4Wj2Rvr5b3DA3G7B-YQNgFe8dfhlyhZVSGfrYxsvDQ7ok7yc9xPFVKwHJIOQFZRpLq5UMn6X_sDh5WaI0P_-NSIPqutM7uphrOn3Rx_JOHGxKQkjP6Remi2SLCPfhXb-HwGHO2zUJ3WyQY5MgldodB9cMF19lG4OW9isgQaK5XEEORpOucI9vsLsGp21VcjF3SVs6fcsIk2bx7dDsNC1ShY1fieTZd_eHtDkB6tai0__OUla7KU-Dq95O90j3Ug8UqSxd6wHAmRspnKcTSh7shpaFQU2UlDrkWHwHgZy6_XD2EjRfZJDhtfJzlcl6ekJT0B8gcZHt_aUEfilKXNxZjJPO4W3q5IxZRw4DhEKnm8Br-vzah7Dy_cuWMdh1ozxx6sJREs1EcpiVRv6g3k57PNM2BKQy5De1-BipIgOs5bcpVpL7nTQRkIkuBxBbH1vvVWvBmZI5t7JAoreLYK-5bzUVKOZ8HCxYnWUi9dndAkBoCk58JYwUi_0Szp1hB_AxoH4x6rLMBDLMPHLd5IeNQOMHXN1gtMdc3cY9IV6cvSkuAoD9VZ9kUAbkvvZ1c-TswRzFGEawwNG5dl5CqwSrny5uCY4a8OfBIIAzjd0CFHxvvb08ze34ooqLxCM1Qh3k1Re7i6aCucrMaxPumrvs7UGbWIT5pP86xVrQJuYX4U_Oh4ZrqmwTJWPHFAlvH_D0d5McvmnDQgwnsUAyNX_3B8M_enQWxDR8ciUTx3OE-WKMcgt857ZSszKknLNaBs8XaCMtD_lSocagKcGj-Xgbc3sLx1XERAC5coho6jzWN5-8IlLqcKz59ntQP4I30QR5zFwyN_b_YaR1wNSO_KVY6sLrIfzV1CFSRUegwla38aeUANZtW7uASsr8UwWF1rCT0mRwt9maCRJFtdvbsTJZSBGI3hOWje1GAqE99dkUsWcE_7XvUkO5oY_S1nCzB7wBz5PR-NDTIKG5X5ixBS6rsTqcVR4gT6bBeGX8kCsm5EKbrpY6MJdkYCjgc8ZOLkEK6v1vULJnY1PpX1pnJPlGty5hBVojtxTjFvbe537k0dkR0To4fm4FqafjG2GyUdENyPAwy1buGn3hBw8wzBoamsUC6d1tuMNCzXlqJ2YyNrukeuCgbbaJ4-iRTKD4D6mD_syaLmVrE5eJp5GbVltwzA66yIOREhP77RNGVufKca2a0hovBFHaqdHbNMObnMi65PEMt0qTqp1rnqGlXBfwv4BBgW7kdrf4mu0OA00FNALXgrmQ_eciKlQCUpkWn7M1gY-8-8ynU6ObQGtc7wA_p_LxM55TqJ0_a0oL83sdlDgURcmslSEQPKPOoe24azbPCD-loFmVB2vZLhFJKaf5jP2CBr45P7BOLOawEmFqEcM9LQ77ZfbcEW0RtoKI8C2mPxr4po2pMM3kRzy3SNLBfIEJInsC4YHkVCktk9kpePIbjGLqfnMYzgMmNO6WzFD7bqz1XZrjwqwBulQ6otpqvWEO2yrnsuMS87ct3a66NoAvlKA0JwNJKFRuY_Yp8-SQiTICdcxC1XLhyd00bJjFUeOyFC_vxfiK5EHFWkrW1_xfV03f5iY9W1eQOWhKYmNFF6xwvjZN5wCHZQsT3sQSRGRq5FXXimF7p1LFTpAzSVRi7uXcQgAsvbAVmhbo_TXci5XroB0NZv-DU3_TWHA949vLMc-afurUyx-Ypi2pp4FysmXJnIw6eqsV0VT7diMYFQTEslyq_aVpvcC_wy85p3773pFUpS0vAjKfEpLkRkUNPCbd2jZbPIWM2h9m-2_1akGFxI2UbYI676GKlibDUaKEu-VZl5-AblgmVI7LaxHFHhCok7rHj-aM06DarSh-88tnIxqD8h1tOQvo_F9gXzD_oF1C42zZu65Mw0c1lURF8-6bHjkj30AmzUXD2qmKOmJj02DU2gKHyRHC6mU95bpH037KztQCuLAtmGQhZ5VqkQkXn0XZMMgc2Fma8rxy9KxSLzgXXH7sijrWYpvzV64x6HeolhTlm_7hEhsN5Uh0WKjVvCfNzxV9YMhTESHU97u970LUMhkyIVZsrbhJmX6z26iDXfv-r2wuP9xRSdjqzi_GEzKFF5dSl6XRZlKC-rt7R_Mv-TyzVE7MbMxdZuwB5pXdYQdLHF1tM-eQ75nLX3P1iXK8XMkcBWQ-FhubsHftJ-jlCwsK-xXZiLYcu6dXklumvF22d9UiwB9WakfcLWgujdTRYwlkiOBO7R89mN4rw7ZTW8t0_w2VXz1aVDK65xvsUvzRC7Ua7NK52T5O0_mA1nWfZqtRf99qE18CqDI74ALi5S3pppRKxFqHs6EMssOMZBoxEOegYJXctwnTpHRprA2artAIJJTBfXLZp6pHF1YHL1pgZKbDVK1rhID3e5ZlkquHgSHuS0PMhgKKETo7hcQgNJyZoG3Nu1KvWDWv8YM3Ghsr2B-B4U4M_BeNkL-V-O-Fmw9fhqZRQRNmhYS834Tt62CLU5oc20fgNyhIynRyByawZLsu5a-IPldPfAh9BHS6IY6fACaI1QBzh_meewkitA-6JnswQP-nw3WX7O2h_NrkVJ6VOhSG_c5aUfq3HMB8PeTTZ5aPDR6gu582E57FCzkmb7qtR1UaqRiY9pdsyJxpLihVQLYjbv4CrmBx7iqUNeLwQbFjC4jwKrgbv8NrwYiRozAtev2npuTbEVhWnNXr5EemxlPKFU88hVXNJgnaHHfQcYiUmTQLCp_o2HZlnb9H-sfYQG06FG5kxMrCLaYF6yvh7GWciV_lINwxS2cvGkRoGErM4mQboPMbZb9950fY_6GBYAu8ezXjPCHqL9GQJRZTdfg0HcEcHj6Ch_OjEuRxjG0oIgssrbwdIMyJS3mRTt_SblN8ZWvJmA0Wb1ptmAueJbOM25Ry1NKsIUod89awTHUMapofFLEn_yaatRacMPDyxgKpBekXAt1pGdIiXE4woDUe-xJ_Tz5baYs5qwy2Lg-PGPMEdUMnlyikU4ItxvyVenw8oZhH3JTMwjjgEwzhnGhacNnAKvGXufTrjVP1rB8-klPMG9p6nL7RvJz4WhT1R2u72bCZmwAKvMTw_1qewGZEWb_VH76vIvKvNvHFBO08El8rit2GTOhJHHl_T5_MowonDPufm9cgriBALctHAFWbODbzPYaUCaMWNfOKvEb2K2-RBLCFHoYOjbI09SobBY69-tvO-6xptU1mfW2WU7h70Wn8QXvIoibErEQft4hyxABuCisxQy96ZZe2C2xXQc-VQsGZgnfWWo34f3AVggDMutSkBcOYx6FuNSo&cid=CAQSKQDq26N9Yryw3u6k7d6zKVODAB7Gb4q0IEhg5TCouksPzkqHV9JuybV9GAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:38:09 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4A48 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 01:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 01:23:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 4A48 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvkoPcYkS5w05f50iVQ3KGyq02W6jO7H4oSGh8LsoPHEVooAx35Jqb-cqQd0Bq5AlJM4mzM7oF0aT44ftu84M7oouRfA&cry=1&dbm_d=AKAmf-Ali6hW9Lt5mEOkfwSBg9TOHh5y7-uqgyjCFCrEojMFWwHr-c6uLJvgu_-iZiMStFnxQQv7e9wdHX1Ot6RdBxlkpMj7tipn1V-KvvT9BvxvTOH_E1pA_gyUUin7xGc8m8mA_VmuggMY6U-9Uuw1DL2eqCIdcCYjn_aCXrQ2TFQxw2PWXhePHYywra60u-B2-FAkQSqF9lRdRQF1oSBFiviy4zfLfiPYtuPQpNuWA6Q_FgpBxw-m0rYI_Qvjy_XG7FwJDGVZxgrS2EmX_p-RYeOtbM-V8_20Yo3iUw4MKjj7mcF-Zr8OnrSZYkJddsju68_xbNlYCwEVcMSiUKydqjeB7Sr935AK_9426srBUYAH7W0kqi2vBiQf5HaQ_zqNAC7EKQCCa4zq6T7IcBG4ShDuV7urlAOJk1KJnQ4txU_IvUS8NOJ9yALpjfA-dDyTfrPb_diPoAHCLd-HqL4V-16c8uS8AFEFXR9paAJMvwCnddZ_pnsCIJTmtOQQ20bvjGDLEE1Fdfdab2Z5Z-Au61cQZCmtJUT0sOJJF88UjajpXBgZtMk3t2DpyNeAiYa8Hl3-Pb6xskro59-3xTe_SN0zFxTByjNVxNRhctM5R7YywwjMrpNQkn0rR4eQ1_2CQKK6Yyav-Y4hxQqc_kH9BCT4CeOVIS9Ku_hrpYFHx_7W_HxRhEXQTOrU_GiS2dUuVkmfVQjZBJZpJdviCGDq2LvMOPC_n1H6H-E1JW8CA-rVPw3njo-0NmX28cmlc95zaDATxuYKfRTPrAqMcoWQUMG2FesWX8dCXOPR8AmClXUXmXPd9IEjPbs49OkfvDEtsAg34lvf5k2ATwzluQjONE7OAylr9dcYcL9kGIAWfrRtU3KjMgLABkRBTNSron8TtAu1a49l2y_Lnd4S6-0QHpabnk2wg3ROx6sjvpgpjjHN52D_vuqj9mJ1tiiLONEBrpcpDhjL2E-qqgLC90Pdk-RGBCG6ruqyafYYduO39SmT0olA01ICT0bF3HZFg4pSDb0fTifSrrE1hhuL7rp-FfZkLUd2QBJAckq_wdrnswIKs83MZ70Np82NIEpexPPdZRFne0aCOKnWRwazzHYdJy8-INQqOXLKa-vBNugKy1TEizFuzEOud4Vx5bKftLrhZOe2XjlCYweqYSUtmWrcck02___Zen-cfcfPDpJPYOPgxPNwOuMDnJbyvIw7gg3Ge4MbyeISu4U-TlsBAW92mnl365ZN268uqtKMR2UIoK8ntuZo7iK_IvJ2EqGVQvYPq699Pc2_jJpdpccPiGhRO000aJT2Xd3zJ-qqILy2_igRBKXF0OILYPOhaNRGqQDtYOBgs2JFWA9iDbue5C-_lrr1fwxmyhs1wxFHhWHrKVzuWKWrHsLeuA_46E-Yut2It_4h4rQBT22zpLs9KusjSadnfRkvaCCkvgYR2RRXUUGojdHYz1WDf0_zH44MJicFB5_e3Ka9yAEKCMgHeOyBUXxF7rm3hg1a9QQUX1X8-rsY_RDHBO5VfVy3PcjDu0eKsXIuKEv3B1Gyj-9C6HPhQzwSRX_jOelxp3Dh75x6vjbxdFwDy_h_h-annNdRjwDqgBx68RqG72puv94zYRv4JOdi17GTTy7PADqiz4OdSLQC_9lqqSNNeqb0-bNclH197sTKbbWUdPKY-Vbk1dPrdchc7GUNr5VpqlqZ4c_7IpwGapGRv1N5FfouloPDNQG0v5Yey1_pkvWo_27_LO0Hue79evvEJoLAnts1LdES7G-qV_OX21BcH1tGaYaqiiEZKVyM3j4OshdL8dlaWbQu_fQmvDK7i58gXyk_6-dVw-4KyzGf3x2kAZ20LKnhvqF5N7Vm5COoJ-T53ZUqxsH8ec5Coa0qdJlxLYM63x9RxepG3J1n5OzCb4niXNJsORPuPLXK4oDrUIBfwcGTIWJhpygpReSHqNbFImFvgOixlZCT2XwuJvEi54WXKVx65Ij0bMXO8YeSw2tvHZIuWerLcvkxGcx8IR0QCj1U8cwBwusyCIEYAztWNuetPs7R4yDPgKPwdAu7TFuLn3LkygUL4cgv_aLFK9PBHcJRpgrwTE9Lb_N7MQMlUWFdckYxigBabUPr9CDl4h1UeQTc0p7SO_1ypncF-WjRDsxc9lJ_1Y8EVOFwyVNtTKowdqqp2-ftSrZUJqwG5EwwtwXmYk6f3WHz8JuPjNT7g-KMPl-nUnXUHaEIvGGQEBEZuhaeBtcSt5WN0qplZLygYSdT3di-xeC6hziIvhbBu1yfwlZW6JvNl3VGDiyCOiMCYFAvJLSSgER6dV6GrDtYYWaAmpsc8CMEdIVxWFTo0Yi_ofD_YVXnYjfqLMW31tSmw1RRdWLaaEQwuC6hei7KW2oe64R6Npy_v_oBgPsyVR_ksnnXgCQCg8NUjroPSKKDQs9oxQMqUXoUqFlyVI_OMaUwj0nEpAmvOUUWOXRDhlMBvvAa-POUw-q5LSpb0xulHcw8Iw_hWtMGHVHiMJdG5gSnceGRFdhV_oV0W2O7048z4shjq9ocZwWhs1PA41YBKBDAQy4oCiS01Agaoe-J_fiYodqtpGH0wKfQkH3cKjzC_RDBIZPS6mm9MbEiDNjdO-ZiQVk685ETWXW0axCSl9WtHBcli3nYRbpgpeATS00bx1x4MN9OgVnahYS6KymyDKAABHuEQl-MNP2G2AOt3MILDOcWIU0oZtDHfbh2qJMqPXK7wIpwxjvGhWx93e_0Pux7o65WeGFbDxJ0Kik0Olgdz-P-WUudGrPTbdWAVwfMbUSdzGHDDsm1SpNlXx9deAsr71cBl2x5TP_Tx6U7bFYhiRHboAJjzMRXwJhnX-I78JYFuV850fk_W4z1NImsZZkwHMv235fU7_RSgh5fb-CzO2_agrKC7zUt1nQ61ERFrt-TmleDVw8Ysz0PBAzZDWnGNefNnM0o2kjf_mIHURlc2lOSJPpn4oDChwvSRbCaslBHOvoh_YktpCt7Qi_1c493BwtZWoyjv55cICfY6u99yfzCDe7aSP96Xuyj3mWGHYwJ_mUDR0I_pwLms2HBT8CZPNJ4uh6delNix3o7vLnavttthBmNUny2AylBYieimv_R64j-CTrUZK1Ye--cutFNPuuhet23kC3EUhTGZewblcCTnzmRrkHMDur73-kzkNnRXHjgu7apKBCY60BKd0Fll6VFwxbD9Jg8qYGQvjEUxL6uPRqON6xOQfVhqzwsKXp9W9Wz_ntzq9OQQpFWynDFCLyGLsoQIjP_UqevbrUfHXZh8tmujwP99Sed_wfAY_9IEOUSPqYM0HCs-DnKr-uym25jG9xVUJwlrGUS2gqE8r1oWdMhH8v2UePyvguQlQC1YCCWo0iX9bhfxQcRzZ-JxtjsMd_XziXe5HKdQfscUWXORkm03lWX3w&cid=CAQSKQDq26N9NDRoRAxuNtaQp_9GhKXc-OO7oiDY2x4xDzLHGupY14wHRJ3CGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:17:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 4A48 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvkoPcYkS5w05f50iVQ3KGyq02W6jO7H4oSGh8LsoPHEVooAx35Jqb-cqQd0Bq5AlJM4mzM7oF0aT44ftu84M7oouRfA&cry=1&dbm_d=AKAmf-Ali6hW9Lt5mEOkfwSBg9TOHh5y7-uqgyjCFCrEojMFWwHr-c6uLJvgu_-iZiMStFnxQQv7e9wdHX1Ot6RdBxlkpMj7tipn1V-KvvT9BvxvTOH_E1pA_gyUUin7xGc8m8mA_VmuggMY6U-9Uuw1DL2eqCIdcCYjn_aCXrQ2TFQxw2PWXhePHYywra60u-B2-FAkQSqF9lRdRQF1oSBFiviy4zfLfiPYtuPQpNuWA6Q_FgpBxw-m0rYI_Qvjy_XG7FwJDGVZxgrS2EmX_p-RYeOtbM-V8_20Yo3iUw4MKjj7mcF-Zr8OnrSZYkJddsju68_xbNlYCwEVcMSiUKydqjeB7Sr935AK_9426srBUYAH7W0kqi2vBiQf5HaQ_zqNAC7EKQCCa4zq6T7IcBG4ShDuV7urlAOJk1KJnQ4txU_IvUS8NOJ9yALpjfA-dDyTfrPb_diPoAHCLd-HqL4V-16c8uS8AFEFXR9paAJMvwCnddZ_pnsCIJTmtOQQ20bvjGDLEE1Fdfdab2Z5Z-Au61cQZCmtJUT0sOJJF88UjajpXBgZtMk3t2DpyNeAiYa8Hl3-Pb6xskro59-3xTe_SN0zFxTByjNVxNRhctM5R7YywwjMrpNQkn0rR4eQ1_2CQKK6Yyav-Y4hxQqc_kH9BCT4CeOVIS9Ku_hrpYFHx_7W_HxRhEXQTOrU_GiS2dUuVkmfVQjZBJZpJdviCGDq2LvMOPC_n1H6H-E1JW8CA-rVPw3njo-0NmX28cmlc95zaDATxuYKfRTPrAqMcoWQUMG2FesWX8dCXOPR8AmClXUXmXPd9IEjPbs49OkfvDEtsAg34lvf5k2ATwzluQjONE7OAylr9dcYcL9kGIAWfrRtU3KjMgLABkRBTNSron8TtAu1a49l2y_Lnd4S6-0QHpabnk2wg3ROx6sjvpgpjjHN52D_vuqj9mJ1tiiLONEBrpcpDhjL2E-qqgLC90Pdk-RGBCG6ruqyafYYduO39SmT0olA01ICT0bF3HZFg4pSDb0fTifSrrE1hhuL7rp-FfZkLUd2QBJAckq_wdrnswIKs83MZ70Np82NIEpexPPdZRFne0aCOKnWRwazzHYdJy8-INQqOXLKa-vBNugKy1TEizFuzEOud4Vx5bKftLrhZOe2XjlCYweqYSUtmWrcck02___Zen-cfcfPDpJPYOPgxPNwOuMDnJbyvIw7gg3Ge4MbyeISu4U-TlsBAW92mnl365ZN268uqtKMR2UIoK8ntuZo7iK_IvJ2EqGVQvYPq699Pc2_jJpdpccPiGhRO000aJT2Xd3zJ-qqILy2_igRBKXF0OILYPOhaNRGqQDtYOBgs2JFWA9iDbue5C-_lrr1fwxmyhs1wxFHhWHrKVzuWKWrHsLeuA_46E-Yut2It_4h4rQBT22zpLs9KusjSadnfRkvaCCkvgYR2RRXUUGojdHYz1WDf0_zH44MJicFB5_e3Ka9yAEKCMgHeOyBUXxF7rm3hg1a9QQUX1X8-rsY_RDHBO5VfVy3PcjDu0eKsXIuKEv3B1Gyj-9C6HPhQzwSRX_jOelxp3Dh75x6vjbxdFwDy_h_h-annNdRjwDqgBx68RqG72puv94zYRv4JOdi17GTTy7PADqiz4OdSLQC_9lqqSNNeqb0-bNclH197sTKbbWUdPKY-Vbk1dPrdchc7GUNr5VpqlqZ4c_7IpwGapGRv1N5FfouloPDNQG0v5Yey1_pkvWo_27_LO0Hue79evvEJoLAnts1LdES7G-qV_OX21BcH1tGaYaqiiEZKVyM3j4OshdL8dlaWbQu_fQmvDK7i58gXyk_6-dVw-4KyzGf3x2kAZ20LKnhvqF5N7Vm5COoJ-T53ZUqxsH8ec5Coa0qdJlxLYM63x9RxepG3J1n5OzCb4niXNJsORPuPLXK4oDrUIBfwcGTIWJhpygpReSHqNbFImFvgOixlZCT2XwuJvEi54WXKVx65Ij0bMXO8YeSw2tvHZIuWerLcvkxGcx8IR0QCj1U8cwBwusyCIEYAztWNuetPs7R4yDPgKPwdAu7TFuLn3LkygUL4cgv_aLFK9PBHcJRpgrwTE9Lb_N7MQMlUWFdckYxigBabUPr9CDl4h1UeQTc0p7SO_1ypncF-WjRDsxc9lJ_1Y8EVOFwyVNtTKowdqqp2-ftSrZUJqwG5EwwtwXmYk6f3WHz8JuPjNT7g-KMPl-nUnXUHaEIvGGQEBEZuhaeBtcSt5WN0qplZLygYSdT3di-xeC6hziIvhbBu1yfwlZW6JvNl3VGDiyCOiMCYFAvJLSSgER6dV6GrDtYYWaAmpsc8CMEdIVxWFTo0Yi_ofD_YVXnYjfqLMW31tSmw1RRdWLaaEQwuC6hei7KW2oe64R6Npy_v_oBgPsyVR_ksnnXgCQCg8NUjroPSKKDQs9oxQMqUXoUqFlyVI_OMaUwj0nEpAmvOUUWOXRDhlMBvvAa-POUw-q5LSpb0xulHcw8Iw_hWtMGHVHiMJdG5gSnceGRFdhV_oV0W2O7048z4shjq9ocZwWhs1PA41YBKBDAQy4oCiS01Agaoe-J_fiYodqtpGH0wKfQkH3cKjzC_RDBIZPS6mm9MbEiDNjdO-ZiQVk685ETWXW0axCSl9WtHBcli3nYRbpgpeATS00bx1x4MN9OgVnahYS6KymyDKAABHuEQl-MNP2G2AOt3MILDOcWIU0oZtDHfbh2qJMqPXK7wIpwxjvGhWx93e_0Pux7o65WeGFbDxJ0Kik0Olgdz-P-WUudGrPTbdWAVwfMbUSdzGHDDsm1SpNlXx9deAsr71cBl2x5TP_Tx6U7bFYhiRHboAJjzMRXwJhnX-I78JYFuV850fk_W4z1NImsZZkwHMv235fU7_RSgh5fb-CzO2_agrKC7zUt1nQ61ERFrt-TmleDVw8Ysz0PBAzZDWnGNefNnM0o2kjf_mIHURlc2lOSJPpn4oDChwvSRbCaslBHOvoh_YktpCt7Qi_1c493BwtZWoyjv55cICfY6u99yfzCDe7aSP96Xuyj3mWGHYwJ_mUDR0I_pwLms2HBT8CZPNJ4uh6delNix3o7vLnavttthBmNUny2AylBYieimv_R64j-CTrUZK1Ye--cutFNPuuhet23kC3EUhTGZewblcCTnzmRrkHMDur73-kzkNnRXHjgu7apKBCY60BKd0Fll6VFwxbD9Jg8qYGQvjEUxL6uPRqON6xOQfVhqzwsKXp9W9Wz_ntzq9OQQpFWynDFCLyGLsoQIjP_UqevbrUfHXZh8tmujwP99Sed_wfAY_9IEOUSPqYM0HCs-DnKr-uym25jG9xVUJwlrGUS2gqE8r1oWdMhH8v2UePyvguQlQC1YCCWo0iX9bhfxQcRzZ-JxtjsMd_XziXe5HKdQfscUWXORkm03lWX3w&cid=CAQSKQDq26N9NDRoRAxuNtaQp_9GhKXc-OO7oiDY2x4xDzLHGupY14wHRJ3CGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3437
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:38:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1B06 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-3531927353485263444&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3129&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=8007105&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&ga_hid=7105&dt=1666380925943&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&bdt=5494&dtd=364&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI5MTc3MjhfMTY2NjM4MDkyNjMxNSIsInVzZXJJZCI6IjE5MjgzN18xNjY2MzgwOTI2MzE1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjczMzQwXzE2NjYzODA5MjYzMTUiLCJwYWdlUGF0aCI6IiUyRmElMkZoYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS14aW4tdHUtcG8uaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZoYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS14aW4tdHUtcG8uaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjYzODA5MjYzMTV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvaGFpLWp1bi14aW4teWktcGktc2hlbmctY2hhbmctcWktYmFuLWZlaS14aW5nLXh1ZS15dWFuLWppZS15ZS15b3UtZ2UteGluLXR1LXBvLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaGFpLWp1bi14aW4teWktcGktc2hlbmctY2hhbmctcWktYmFuLWZlaS14aW5nLXh1ZS15dWFuLWppZS15ZS15b3UtZ2UteGluLXR1LXBvLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Fri, 21 Oct 2022 19:35:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=198
content-length
555
expires
Fri, 21 Oct 2022 20:35:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C9E6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 09:50:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3088 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sat, 22 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C9E6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e27b570cde961f5f085e18cb07156e5a5c7d74c3562ef8be547c6fcb7e5851b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4A48 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 09:50:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 57D0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sat, 22 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4A48 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31d90e88b42cb190992b056a8e6964bcdf46a93116a99e4c2511957fa3fff4dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3088
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_cver=1&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeX...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=26e8ebc23f1020af&is_secure=true&networkId=14000&version=1&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_cver=1&google_push=AZmPxg9yGimQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0NjBEZh2gMyvvE1AAAAAAA&expiration=1666467327&google_cver=1&is_secure=true&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Ho...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0NjBEZh2gMyvvE1AAAAAAA&expiration=1666467327&google_cver=1&is_secure=true&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeXSn3I7VCF5ttKBDgTt5RFO17xK-1QBxvJW4ihz8iAaL5RklwyMfaRCHXjm7rz29jadJ9wOnGHzt-E4Y65g2mnD7XGmGtlkrtJ8Qso
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0NjBEZh2gMyvvE1AAAAAAA&expiration=1666467327&google_cver=1&is_secure=true&google_gid=CAESEAwbsdt1bcSzPQ_u8S7Hogw&google_push=AZmPxg9yGimQNtTIN7wcFDPLD0HFgUf08BcpitlPM2LSt4utgzYJHeXSn3I7VCF5ttKBDgTt5RFO17xK-1QBxvJW4ihz8iAaL5RklwyMfaRCHXjm7rz29jadJ9wOnGHzt-E4Y65g2mnD7XGmGtlkrtJ8Qso
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3088
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENYLK-SP1o0H_FdvpwGH2L8&google_cver=1&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBo...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBoPxtIq68_pHJ6dlBUvkzNgALt5HHG4R7hvDhZP_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBoPxtIq68_pHJ6dlBUvkzNgALt5HHG4R7hvDhZP_nvA9gA7e7q1DMNQ35CGa8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg-soIVojACutkMJHepcDoJvaxJmdhCKEuU318SxKeE8jBwdZp0nX7B8VI4zBfEUBQ8Vypmd-SG3k0lRMjRn-a1F2cBoPxtIq68_pHJ6dlBUvkzNgALt5HHG4R7hvDhZP_nvA9gA7e7q1DMNQ35CGa8
Date
Fri, 21 Oct 2022 19:35:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3088 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHToa5Nxz8-YvSuZMcPucj4&google_cver=1&google_push=AZmPxg_-FBdh1fsBZ7J5FNsza0e873Zfxi8gbbuv2-_o32dcaJqqA7hqpqy0OJ-GfSBhMOM-kv8MKX81jckG37mf6XcQZpea9BVP9DmtjVlRceg-vpHMJOyMY6X-NEhfuv-B3DaEjjDktDUihj8JTsWeBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 3088
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEHXnqUuupIMieD5QbRVCBxw&google_cver=1&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEHXnqUuupIMieD5QbRVCBxw&google_cver=1&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJ...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8e30d2f-61ec-4802-a103-57a098722b8a&ssp=google_jp&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524560487958652797&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524560487958652797&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e6dd36e3-0a67-4488-b839-23f315d550e5&ssp=google_jp&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524560487958652797&ssp=google_jp&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208840804311005467984&ssp=google_jp&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524560487958652797&ssp=google_jp&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQlliFXl0uiquRbO6v7ehWo73MEYeo9Y&google_hm=6OMNL2HsSAKhA1egmHIrig==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AZmPxg-xMbhA0pVtMo7Teljcu015w6TtdNDjJpZPekCyFVI60-3yoF-eetlL3097xY3fDmsHMz1xpQHgSYJBbY8df4w2GA4NbkFm11SuxCByKS8omIJY2BOMOiNJQlliFXl0uiquRbO6v7ehWo73MEYeo9Y&google_hm=6OMNL2HsSAKhA1egmHIrig==
Date
Fri, 21 Oct 2022 19:35:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3088
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEL4KwZeaQbdPxnxKiujSprU&google_cver=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJshC8tp0albh7CgbZ0UUrMvQzrnlUyWgwIDOSY1V35X_r5AkpywS-YWdGtcMuZzBPSv...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJshC8tp0albh7CgbZ0UUrMvQzrnlUyWgwIDOSY1V35X_r5AkpywS-YWdGtcMuZzBPSvMeqzbr1MbIbCAXSQobaof96aIJiHe_fk5D3yEVe5mKQPL6gTcdNWxVnP9A&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjI2NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_MQr8f5wKAuC2fdcvPXWUB-vJshC8tp0albh7CgbZ0UUrMvQzrnlUyWgwIDOSY1V35X_r5AkpywS-YWdGtcMuZzBPSvMeqzbr1MbIbCAXSQobaof96aIJiHe_fk5D3yEVe5mKQPL6gTcdNWxVnP9A&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Fri, 21 Oct 2022 19:35:27 GMT
pub
cs.chocolateplatform.com/ Frame 3088 		0
0
pixel
cm.g.doubleclick.net/ Frame 3088
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIIboHTTsozzfCS4eJaVejQ&google_cver=1&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEP...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEPg2wz-oI4RiaZ694GHDxMeojhH3QAvuLfjmPa6csBk70...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEPg2wz-oI4RiaZ694GHDxMeojhH3QAvuLfjmPa6csBk702iuPDfdAQAWYN9iBR_EBN09XBBmPw9QFEs&google_hm=NDE1NDE5ODQwMzIyMTU5MjAxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg880dbapl3HIPIpZjxVd8LXqbPoC7mUvdK_vkcmXycCfVUw294US9Fsv3l15ww7J-6yPrsPEPg2wz-oI4RiaZ694GHDxMeojhH3QAvuLfjmPa6csBk702iuPDfdAQAWYN9iBR_EBN09XBBmPw9QFEs&google_hm=NDE1NDE5ODQwMzIyMTU5MjAxOQ%3D%3D
date
Fri, 21 Oct 2022 19:35:27 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3088 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZxAOUgq2m-nZ1_nSTgtkgnCnSzreLwJ6_nLFkSmx3dWJY185-Ly20z9tTlrnNoZ2NYjfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 57D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1&google_push=AZmPxg_SyI3MDr35L6p0G7wm7EGbpwP0sWaKuI9vMk90G1E1fWPIY35B4O6dQN4mBauOgVmPpEkTkcMeoQXhB5dLSc9lmfdqR8cuS...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0MzY5MjMyMjIwODE1MjM5MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAr5zVl5rtirNsF9goc9rM4&google_cver=1&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZH...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZHcPIrqDXf3cl5lncMWiW9ZKvPZm8YlHFb_K4LhYhR3oX-1YzZ28Tis...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZHcPIrqDXf3cl5lncMWiW9ZKvPZm8YlHFb_K4LhYhR3oX-1YzZ28TisTdp9MPcNBloegm2m15KEQQpd8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Oct 2022 19:35:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 490AA43BE69844B9898CE4A7BBCF5408 Ref B: SYD03EDGE1617 Ref C: 2022-10-21T19:35:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg9Iwaz6oFvU1e3gmgA5V2QffRl_YOqZ9wP0m9LtEXQ1z6PYcHSq0wF1h3SvGbRVgYLCac4ZHcPIrqDXf3cl5lncMWiW9ZKvPZm8YlHFb_K4LhYhR3oX-1YzZ28TisTdp9MPcNBloegm2m15KEQQpd8
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrkIs2oT+mChgRdm67dg==
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9EKWAtSXwD-NnvCMl-K7vd2Au4zW906j_aSMoyMYXQrHG_58zQDHxjxFkaQhKUaoRXGfXD8Q7PgQ_8bo5nUJs01dpbvKzMHibqp2KlNq_oLw8aHniUfg2-kYyn9p32aST9j_CSthbxHseDGPwScJc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9EKWAtSXwD-NnvCMl-K7vd2Au4zW906j_aSMoyMYXQrHG_58zQDHxjxFkaQhKUaoRXGfXD8Q7PgQ_8bo5nUJs01dpbvKzMHibqp2KlNq_oLw8aHniUfg2-kYyn9p32aST9j_CSthbxHseDGPwScJc
date
Fri, 21 Oct 2022 19:35:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEL9v3wG3my3GYiUzRx9RDdI&google_cver=1&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlV...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1NzE1NTAwNTMwMTMyNDMyOTA&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlVgv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1NzE1NTAwNTMwMTMyNDMyOTA&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlVgv2J_E7GbNPMQvhFxaL8YMxgNSDTxrN0DX3Mk3z0ZUABZk_Q274X2dhB_FfBvFQRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1NzE1NTAwNTMwMTMyNDMyOTA&google_push=AZmPxg9LwFaevysXbVXXQGxWesUpWy9-IOvWpstYhy0R6co--bYAY3pDRYpQdOtICVOcnAIMds4NfO3CrLXqXNkXlVgv2J_E7GbNPMQvhFxaL8YMxgNSDTxrN0DX3Mk3z0ZUABZk_Q274X2dhB_FfBvFQRg
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEAqS46O0O9JYu2T3YjKBK1o&google_cver=1&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROI...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROIusjZqrAVd33dQK_lhs9Zu3--0bcPTtRvSBLOD_RjAH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROIusjZqrAVd33dQK_lhs9Zu3--0bcPTtRvSBLOD_RjAHQEYck2I5PaDOi6I2bt4txXA&google_hm=ASI4XNKEKkn7kCrlL855c3s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg-6w74hkk4hP7333Zj1JgINkHumo1-aAyMC6A5s0Y4GJv031tuJpeSEEpitOKTe_-9wjxiQycthi3j11KROIusjZqrAVd33dQK_lhs9Zu3--0bcPTtRvSBLOD_RjAHQEYck2I5PaDOi6I2bt4txXA&google_hm=ASI4XNKEKkn7kCrlL855c3s
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHaJwhN9HoK9davzUl4o34I&google_cver=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Araa34dbh5eCw_tkslTJR4B9ALCyGNiJc7gMPLrN2zVgeZrkvDLFEqKlZ7BJvwsVN7bMc...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Ara...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Araa34dbh5eCw_tkslTJR4B9ALCyGNiJc7gMPLrN2zVgeZrkvDLFEqKlZ7BJvwsVN7bMcmX6mR2YFoVr0qIPBHfobSMZ_KL38B7vY5n6S5B6ktLqC13xUPY3zy18Fyg&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:27 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&mn_hm=MzA5MzgyNTI3NjgzMjIwNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8CEqpQokPi5IyNtnIjmkH6Araa34dbh5eCw_tkslTJR4B9ALCyGNiJc7gMPLrN2zVgeZrkvDLFEqKlZ7BJvwsVN7bMcmX6mR2YFoVr0qIPBHfobSMZ_KL38B7vY5n6S5B6ktLqC13xUPY3zy18Fyg&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Fri, 21 Oct 2022 19:35:27 GMT
pixel
cm.g.doubleclick.net/ Frame 57D0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECnMMGLcPCYJYcav9rLpdOs&google_cver=1&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVM...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECnMMGLcPCYJYcav9rLpdOs&google_cver=1&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVM...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11MHh1WWQxRTJ1R29JaUZobko5TTJDZzNyY0Q5NGk2b35B&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11MHh1WWQxRTJ1R29JaUZobko5TTJDZzNyY0Q5NGk2b35B&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVMeoNtF-UJ7UyHPDrqbXw-pwFsWD-m-72VLeVajRXQCRjJo8SMrdAs_K0IWujRus7SolXaLsXJI-BJM2Fvj2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11MHh1WWQxRTJ1R29JaUZobko5TTJDZzNyY0Q5NGk2b35B&google_push=AZmPxg-3VeF5Yly-SQNWbKpXD9LM1-PohUC2jpW2LYGB5zafz_U9FXqEQLPIEzRxiqoafm3YVMeoNtF-UJ7UyHPDrqbXw-pwFsWD-m-72VLeVajRXQCRjJo8SMrdAs_K0IWujRus7SolXaLsXJI-BJM2Fvj2
date
Fri, 21 Oct 2022 19:35:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 57D0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlWZW9cfrmgM_UK_h9C2E8bBMgou6oenlLFVU3MYyKi4zMK7rmwVPyXIOnF74OMkbQgIcUHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fed06c1400cc3a474a7faf63e6c8d1777e69d96c2797ef3553a5fee2a0d22f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 21 Oct 2022 19:35:27 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS14aW4tdHUtcG8uaHRtbCIsInRpbWUiOjE2NjYzODA5MjY4MTZ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
server
nginx/1.14.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 18:54:23 GMT
expires
Sat, 21 Oct 2023 18:54:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9C38 		783 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
e6847141df7f757562d3f101846b5ae90afba1d62b9c9b72c90cc9b82f2de64c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hcRcG4SRvMGM2T_xkjHBaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-hcRcG4SRvMGM2T_xkjHBaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Fri, 21 Oct 2022 19:35:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 18:54:23 GMT
expires
Sat, 21 Oct 2023 18:54:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 59FE 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
a281705044bd22ec622b7eca6581587c6fd9aa238deb788ac5cc3ebb6de436d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JbLxI3geP_UybBn0ZwKxJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-JbLxI3geP_UybBn0ZwKxJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Fri, 21 Oct 2022 19:35:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED89 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
189423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 14:58:24 GMT
expires
Thu, 19 Oct 2023 14:58:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6ADF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
189423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 14:58:24 GMT
expires
Thu, 19 Oct 2023 14:58:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		105 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
a22fc455e0d3e4665ac22b063ab3ca326c2ac4d9a1b251d0a9e7dafb7cc3e6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Sat, 21 Oct 2023 19:35:27 GMT
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C9E6 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssISvhwqE3dBEx7MSI6hUrsnZbusdw0zY5ovM4wxeCtq8vkSsb8h4rakbsllk_E56Bpooj3B0izXPeBs1vL3AYM7CqH44vXU1VOnIK5sOeVkeO7_da096xVeDMqDaDRLvZFVpV7zAcyKjY9H8wGBjoPu4DBQAoCXpNmpJMSMlrzvtbMmKP95xRB1-CzBCbwOQCAlmrUTKnLTz-IKaK3aFWWQQ5KxvCpr3zKM79qmgCwaam26T5ex9JKPtUxxpu4uN8BE3TD5Vmu1e9inVHVCQTsnB6iCJW9w9rVz6wXkreUph6fULMHYwaH8ll7JFeqR7vpE5QMljQw3dOSBCwwc4QB2yoFcAkf4HJ34Hx4YpL7A-Vu4UcWnPDonhQaUXhUANOFQEfAbMtIqja6j-M_C2IJ6bJFQ8DEPLCBroanAQmmk3gd1d0s8hdm89byJJxuQfb2TX6t-0oIjI4sFDaS4Uq8zXpulBgZXrCB9jmRXffu896Su62w1cjCmXWxSk5MiXgl-fHaThouUVRnq3x5w1yki2Y_egZdTtKWGQ-3kiCAkpRIDjkiN84DjF6UOYUkZM3EPUTB2JQ2wFnZf73wK6Hol46Xr3UzGmeJDb9VX2yfPmni9VMIBzNKzvzX_M9BsKDTSEFzqoXPThzjH7uJx2LxXVElfzfIj7NSK3tiIxktEqiKiOy_-qUPTThC2ip4hb2Y_glrny3PWT-jo6l4isDpsp8EAL7LmmUSBAho1nmKtbHRrv4NzkAqao0BYEZ5cl8UVgPzkGHqJDHrSzw77CcSFcUM74XCa2tfnHx0YFEfjkPBjJ6mFb2FLj9yXyRk3BYwhRedm6XGAxHPNharO3rXl7bBaJ7lDpJ3G0MEydDI4KGPhCEtDalaNGxcFjdP6xK_fq2MLsM8YRepjQ7ELNhibunHd0LgDD8OhMndjnjm4ODxm1nyuf683QSw-pfFd0rgGFrxOFwJcPZFSR2aYnkQOXNeIv8QMZzdiQs7VzbSRwEEXDDusuxi_bDd06PzLOWkjDekvKT4stg1aJn9r-QqjZy-ngJe1FdYtNjmyjtR077TWoi_6j6_-xhYJc2voyA3gioT7lXOoE85TrKIacFXyBkKSLlTvr6n_-_-KcLEAEedouEIrj0_xUvGf6sZbJQqUkWJb796pnyr2UgcZVjyao0umW6xSpQb3lezua--SrF46XDOoUfcWkSG70ds1utnWQoJ8yHAl_EiOvDVw838WiHHMiYZELI2&sai=AMfl-YSeTHnZeGlaSMNHfm-DVzE9LcST3MhoeWcLJgffVFF21fmDK5DVcgRuh5oL-zcjv4vDy_x8DWSs4QC-MBlCb1VPghZ7cBGOjR6JqdI02hk6ZccF7ZAuVrtvOs8N4IL2p8wB928vX3NMrWSA0Wen-v1W17s5IGSaAl-otuDUh8vfSS4pZrMBNff2_kAjmmYA37fpxWWgL-4Ok1NxO0Y&sig=Cg0ArKJSzASB1RjAOuuVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=841&cbvp=1&cstd=837&cisv=r20221019.22876&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 21 Oct 2022 19:35:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		165 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2331321163313916&correlator=1583513013704487&eid=31068457%2C31070117&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.06%26hb_ap_adid%3D743ad233c5ec6bd%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D75b5bfe8cc0f2ab%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D08798c37c58cd3ec-2230270a43b4007c%3AT%3D1666380925%3ART%3D1666380925%3AS%3DALNI_MavnulzBKsoOQ5XfLTNM7QQPj3RDg&gpic=UID%3D00000b6890e0b8df%3AT%3D1666380925%3ART%3D1666380925%3AS%3DALNI_MZKHonCvIprHGydGlOIg6pEVH02hA&arp=1&abxe=1&dt=1666380927049&lmt=1666380927&dlt=1666380920449&idt=5310&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=577634872.1666380927&ga_sid=1666380927&ga_hid=7105&ga_fc=false&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
1565e86901dcdf16855f1391694c60dec54949ab61e7043e1672d73c96a9cac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43025
x-xss-protection
0
google-lineitem-id
5221734842,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294466384,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A76B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Sat, 21 Oct 2023 19:35:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame F9E1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 4B1B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
index.html
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		105 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
a22fc455e0d3e4665ac22b063ab3ca326c2ac4d9a1b251d0a9e7dafb7cc3e6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Sat, 21 Oct 2023 19:35:27 GMT
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4A48 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss43WVxekLv9YQktFPGXvsZlS9uUNKf_1dq6wDNYgnk9a0Z8OoycEvnEBryOf4iyKhMd4VwWx5l3fyJxnXk9Cdu9ZBvAs_qs9pvlKuXd80xC1jtOMEwbZM_UsPEQ04qQ-7P71hj85BtzQl21Zr49zzP3AfyvHE8pLpLgmQEsKCZnQZ7Fr0DaKbxCfDtyMgKqkB812ccJdO-5_4TweQYes53yCGXpsa5JX6jREMFM2f-jc9CyUMFay6qOPJPR-yhsAKH_g4mLcs_lAcgROPt65IKc1KhvDIJRy2NwagYTr1KZpucJyfNrllmbatNJnJwBuD9LxxCNZfGEoB_prid4smunxE46N_uslZ1es-va4h5WmQOTmCJA431ctzsEmhXuBgPuncm4JQqr5PY-9srD8AToScanWCCnzhdk9DD90HHFVYreGBTupURcy-nPmrraHwsW_coIZqVtFNRSWgsSS4vftIzwmIBU_aaLGhOeUCrMKamBZO6_pgkM925v2XcFKbKENaeQX-fZf_TcSrvFg5xkz8FZtjyZo7U6d7nr_vkS4Pt_h5f3D_ZCfo0UczFHFH8L1KXPIit230CTgciL3Xgb6wZE6J3Cg7Ni75mR-1yw1EeO3Nl2WunZo-EtgKinjfcbkCqgCBYUT_G9TuG92VEwS81qyW9RaWwGiHhp3F5_fIQNKDqT9AHmFw4jI5nMtWvKpaosUNyk6dlI6_Cj27lr4kyBl-UYVfriyDXXMWwo1u2Wvmc67E8iDlB5wSo1janilgdyl8vsPLIC18Ltm5BmkFA9mJ3jDO1WS-ifSUecB_ukpio0V5tUXtIk6U-g-LAcUHpIm7q0U2CU4cceMbSIoDi2ZveG5VjRDC6ceOZqq1yQxEAt166txvGRWtg1Z3Hiyfufono6IdbFPyC-uXE8EUDdHXFEj51cUE8jpb2SBdiHchS_-aL17B3BQklysZ4MHlbNTU8HHDyKrmRrH7EJrFe0ClPGSpw4TKpgTsz8gISkPnJOInU_YXzIP652aNv3zkJVC-_DyYNvH4LAeE-l9vOFcht9vu8Cz28S_nt5HmDE1_P0L1b4dl77QicURTBXEZxAF5HGIH9n9YEhopE0WXs7SX6tBBJsvpWEPzxfl4fvm2R1URbNXRu5LSzrymcNkloiMhE3d--lUSYQQel4SaOvaL_ZvudO76SVK4xdpKDuNMex-sS28lSHGVugy0V5pvPErLlFzJ01cxRFz8LtDStrGTikrXbedOFnRBy5HM&sai=AMfl-YSbUa41TYTit88BaLiSa8EXQ9ONGmEGhcXWoCxlhPdnmKdR7uRoU2Pr3QJIHKJ-3E1SCfjYRkIZKPy3NfiTk8VSfwfgdqEz3uWDRrv9gbGQv400DxpWPMp5Y7l0tcicON2YqVOlRnT0oDHnOTDWAbr4AI-hws61sGYuiX8ItaG26VTT1K4tat8vl9wldUVBkdajHRFSmKqFQfQUK4g&sig=Cg0ArKJSzGHyMzdLhrVzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=946&cbvp=1&cstd=943&cisv=r20221019.45347&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 21 Oct 2022 19:35:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame ED89 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 6ADF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=2352701535788158&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 59FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101901&jk=116958584231556&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F9E1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?im6Leg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4B1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qLJ4zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel;r=769260015;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33b...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=769260015;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1672687719-1666380927554;pbc=90c86acd-b13a-43fb-a859-3ae20d2f390c;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1666380927554;tzo=0;ogl=;ses=767b8201-000e-4d61-9174-ddd0851b9982
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6FF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfT6-BUUCnWGiDxr730s6_g9UURrxYnbzDWg4I8k0ep2ufhP1Y431ZcVKQJ60MD27dUWX9J0nb2ij7x_tTsJB5nFzUZwulCiq6t2MtjELofuRByXsfTYahBX8CfD05GNR44ohsKTxYg6Zt4NMYN4EbfhsTMTax9SSAedjuLoPMfj9A7MQWSJUKH9gac9hymlinoQ4mnqFw5v46GGiNGOvWL0IDw0XOHR6SjSRFWIlSGbQcQEL1Skzats38EJFkeNVbUlW9AXeWgziH7cCej7aH-9Fuku3gDmsaNhxZLiudhBvlovbyujAPr5FN&sai=AMfl-YS4cV92VQ-BbQ71NJAgTaPMfMSGKBM9NypH7rBu4laHPrZZBqWsrchdin_JQZPD5baCoDtBJuLbr_nJJAZkvfnJjRmMhUMMV3KUVblD9OEz7gOcavRZBkBpXk3R-Vsj&sig=Cg0ArKJSzHhshKJcAtm_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
placement.js
displayf-tm.everesttech.net/feed/ Frame 6FF7 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=hnv92jmlYKlXCcdNwYv2&preview=0&tm_auction_id=2033177727147589838.3843878600110830905&price=0.08&a=1&site_id=Ob1VXBcfZdjnlVjOeJ7f&tm_os_group=windows&tm_mobile_app_type=&tm_device_group=unknown&tm_device_model=&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&id=I5GLwcZkBqWgaO9IIcO5&site_id=Ob1VXBcfZdjnlVjOeJ7f&tm_auction_id=2033177727147589838.3843878600110830905&rand=-8919240158493815073&page_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&seller_id=11901&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&pt=imp&q=H4sIAAAAAAAAAGWRz0_TcBjGabsNWEwky0gMXsoubsR23_5u4aAbG6yyX9CxMS6ma7_dyrq2tJ0beDFEPXjkSPQfkMQYToL_gBfjDWO8ezAxUY6crKJefA_Pm7zJ58mb55n-9P7hh_rJ7Ons_pPzx3NPo_GFYM-FZNdxuhZUXdMnNWeQ7Zi6Dj0ypyvQewC9Dbg7hH6Q-Bi58fxtNJWUudXySNvu53dbXbUmybJW49Kvjl8gdLLYHtKlwGkMaa004jYEsSjY4uvzz8fX88m1IdduCy5Yzw3WextM32Op7iHiVZx907LULEcCPN0ybd0Z-Xi1gVOABEt4eODZJXzMsxk857oWbMHOmhlkOUYgGR5Pr5UalfJt3DL7EF-FWt_J4Ms9zxnArCiRgGSZcAk0rqiG6pl_qCME1ygDajoPWV3qGBQfCquLkiGqmqZByOlnyC0aMAwlCAItUKzAiZLIiCQjhoaCyANAUUBkgAS4rwgxdfqNTiRrHaq5ldeMbX3Htpo7NXhPMOZinS4TRopj0sTv-X7nAolSlASoSyRZKZSLssXuyjpXpHsVbblEsQfoDAx6jg94wvUcnXA8-hCd8YIOcVUKYZieH7xEI74ZwBN0cmj3bWdkv0ORCzQd_49NxK6w1DWGBIRSzdWVUq1xiU7Go3DsWsEBVoxPqa5rw_HQn3n0IzKHbSqF1C_J_P14ETMHbv7mSphqcRxAz1atumdqcNkdFJywOc-vTz_DJo6wf0ZnGBFHc5sJrKq0UjFlT7fh3kKEBhRHx1Y2y2W5vhiv5LYqcrVwv0nfRebns28SX1Yy7Z8D1jesoAIAAA**&q=H4sIAAAAAAAAAAGYAGf_Cc1iLgf3VxryFTQxzr8afwoqdHlwZS5nb29nbGVhcGlzLmNvbS9iaWRkZXIuQWRTZXJ2ZXJSZXF1ZXN0ElEYxZ0LIhRobnY5MmptbFlLbFhDY2ROd1l2Miiuq50BMhRFWXUySHRvVHUyY0h3NVI3OEU3bjiw1turD0IUS3U1WVk3cDBRQW1RaFIza3I0MWchCHiA2aTgQe-lUjoRmAAAAA**
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash
c65b0337ee76472a1fbc1adf89bf03f91d33a27a05cf505c3aec6124b48323cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-syd10151-SYD
date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
via
1.1 varnish
x-pt
P=2260 0=0
server
adobe
x-timer
S1666380928.951555,VS0,VE98
x-failover
none
x-cache
MISS
access-control-allow-origin
*
vary
Accept-Encoding, User-Agent
access-control-allow-credentials
true
x-region
APAC
accept-ranges
bytes
x-cache-hits
0
trk.js
cdn.adnxs.com/v/s/229/ Frame 6FF7 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/229/trk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 05 Oct 2023 09:41:59 GMT
Date
Fri, 21 Oct 2022 19:35:27 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1418008
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29365
X-Served-By
cache-lga21966-LGA, cache-syd10120-SYD
Last-Modified
Wed, 05 Oct 2022 09:41:41 GMT
Server
AkamaiNetStorage
X-Timer
S1666380928.950027,VS0,VE0
ETag
"e4a20054d2e3bd70bee1fab0cc606a4f:1664962901.362129"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 612114
it
lax1-ib.adnxs.com/ Frame 6FF7 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&e=wqT_3QKNCugNBQAAAwDWAAUBCP7oy5oGELnq07qJ54ysNRgAKjYJexSuR-F6tD8RnMQgsHJosT8ZAAAAIIXrwT8hnA0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDjHkieAVC12_i3AVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8IaYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKN6lrqAmhodHRwczovL3d3dy5iZzMuY28vYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS0BPXx0dS1wby5odG1sgAMAiAMBkAMAmAMXoAMBqgObBQrcBBF-9FUDcnRiLWxiLWV2ZW50LWFkY2xvdWQtcHJvZC11cy13ZXN0LTItdG0uZXZlcmVzdHRlY2gubmV0L3J0Yi9lLnBuZz9lPXdpbiZhaWQ9MjAzMzE3NzcyNzE0NzU4OTgzOC4zODQzODc4NjAwMTEwODMwOTA1JmNwPTI1Nzc4Mzgmc2xvdD0xJnhfcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZldHM9MTY2NjM4MDkyNjMzMyZ0ej1BbWVyaWNhJTJGTG9zX0FuZ2VsZXMmc291cmNlPWFwcG5leHVzJmZjPTMmZmNpPTEmY291bnRyeT1BVSZyZWdpb249TlNXJm1jPTQ4JmFwPTAmdXQ9MCZ2aXM9VU5LTk9XTiZzaXRlPU9iMVZYQmNmWmRqbmxWak9lSjdmJmJwPTgwMDAwJmN1cnI9VVNEJmV4cj0xLjAmZmlkPUk1R0x3Y1prQnFXZ2FPOUlJY081JmM9NDExODIxMTM3NiZjY3Vycj1VU0QmY3V4cj0xLjAmYT00NjE0MjgmY2E9NzIzNzIwJnN0PURJU1BMQVkmc2g9MTAwJnN3PTMwMCZyaWQ9MTg4Jm1wPTI0OSZwc2s9T2IxVlhCY2ZaZGpubFZqT2VKN2YmY2ZjPTAmY2ZjaT0wJmR1cj0tMSZjaXR5aWQ9NjEmbWV0cm9pZD0tMSZjb3VudHJ5aWQ9MTMmcG9zdGFsaWQ9LTEmZHVyYXRpb249MTAmdj0xJmF1dGg9SkFCb0hiRk9HM2hFRzFvbkc1ME9yUUJtVDUwJnhfcj05WDk5YWcaEzM4NDM4Nzg2MDAxMTA4MzA5MDUiCTM4NTc1NjU5NyoEMzkzOToUTi4yNTc3ODM4LjQxMTgyMTEzNzbAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjEzMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADaBAIIAeAEAfAEtdv4twGIBQGYBQCgBc6B-f7ti9ObHMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAABNAkB8EYQABgA4AYB8gYCCACABwGIBwCgBwGqBxRNRExFSWw0cUlkNUUyaE1jQ0gxNLoHDwgAEAAYACAAMAA4iAFAAMgHANIHDQkAABlNCNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=3dc46d1d374d53e0073c42d34589f71e303e0d2b
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:28 GMT
AN-X-Request-Uuid
d6fc577d-12db-4c11-a176-af505710e776
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6FF7 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS14aW4tdHUtcG8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTI0N2MyNmVkLTUyNDUtNDY3MC1iNzA5LTkzYWY4NDNhN2ZlNyIsImJpZHMiOlt7ImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwNjgsInJlc3BvbnNlVGltZSI6MTE3MSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYXBwbmV4dXMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA2OCwid2lubmVyQWRVbml0SWQiOiI3NDNhZDIzM2M1ZWM2YmQiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiJhMGNjN2U3Ny05YjJkLTQwMDQtYjU0Ni03ZmQxNDNjNmYwZDYiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MX0%3D&c_b=8654.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
container.html
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC58 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Sat, 21 Oct 2023 19:35:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2750 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:27 GMT
expires
Sat, 21 Oct 2023 19:35:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame BF8C 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 01:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 01:03:57 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame D3D3 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 01:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 01:03:57 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaj0&_p=7105&cid=577634872.1666380927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666380927&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&dt=%E6%B5%B7%E8%BB%8D%E6%96%B0%E4%B8%80%E6%89%B9%E7%94%9F%E9%95%B7%E6%9C%9F%E7%8F%AD%E9%A3%9B%E8%A1%8C%E5%AD%B8%E5%93%A1%E7%B5%90%E6%A5%AD%EF%BC%8C%E6%9C%89%E5%80%8B%E6%96%B0%E7%AA%81%E7%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED89 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7ap8fvRSY4vbAobmowOPs6eQBwAAAAA4AeAEAg&bg=!kZKlktbNAAaaxvStusY7ACkAdvg8WgqFMCWw5GTqfA2sw0aYjl-x-ExV_Ri1bSDYjPGXPxat6wyEZQIAAAEsUgAAAAJoAQeZAwPU33PIb3LeIA558jFjbjKgEdCnAycXMz2r6mOE9wSdSxcgkatreKNrmej4qqBDNbSW7QIHxybjt4f1zHwHqoFiwedv_eGjIXTq0TwZhlmUzVXZ0jTuKqxkiZeO5vPVXc4pN8Tzvj7CasXROlbPIgB07Ywo2QwuYjqlbEBIxdvONWILYHSfz4xpj8A3VHJl6H1bWg2gNOU-NWeAFUI17dR1L5iZJ83JhzdRuzTElJuNlMFlW0RzeH-VCLMsE1l9GkwQH5SVoyKPrfy9mJv_DovVJcIbnE8OqWv_g2bEqwLLnMmRLgnLg8rN7SgbFbwwHMbxE4_VI62-PMaSVhmsmRdCNvm_gcKjK2BuyxqS3_o97FJUpvgirv6r4iZ1ku8i4jOTKZbwgk-O1B0cIpgloSeKOgI_w6qyX6bKzorOSkZ73bfAeg9nQwwCyY8H2NWnQPsVsFOEpsI-c6rvXG3q3a20myvZKCyWxx1TmFCRX2mtbPGTRyANeAX6z2UstnCeEoFxXguJGwJVtj9NVo5uzmlPKcgnS-1YwGIPG1TrBfhERufe1DLZLltAG_gBKaT7_9UuQHvq8zSIl8L25d5Dz3aT2gKj0Z2zuyuBn4y2Su6pxbs2VZ4U5uK3uaM-NecAFgFt2dhesDCl1n9Zy4M98nS1UwQvUIL82m_V-EgdhpCD-gid-cCzVP9CdWSRb_EFni3B3QNgbofVlhleFB5-5OpqrbKcFWCoM_1xkXGNyVHu1UhmcmHxBis-pxRFPqemP4B0FRzSu8yACGG6H_96_c9GjEFZENKAdDHtQvW0F2i-lsF1MHzYFalm-ODV-UVnnecRgtCYCukCvtvNoXvXKYUGtecGzWnkBh1m-XxqHVcH8uk8ZVWZMYzB-pExVrrZfo4Uz5IcJuEgXEHfLhbmk4ZnEfEyvkgEzOU2L-mSSrYuW6gVxUKoP7rrmofKzwtWo3lp9Emkwf920UJlbcnCQCpUoxUqgT11pFng8jFiHrzZr8lKB4uFbzDis9R_4IyjTZGpj24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380924&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923199&bpp=13&bdt=1569&idt=1785&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=2&ga_vid=132312058.1666380925&ga_sid=1666380925&ga_hid=1805836802&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=856&biw=1600&bih=1200&isw=336&ish=280&ifk=3312327010&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44775017%2C31060049&oid=2&pvsid=2672479170510720&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oqtxlyn13en9&fsb=1&dtd=1805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6ADF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5JSafvRSY9fmBKeT1AbN17SwAQAAAAA4AeAEAg&bg=!2Nul25_NAAaaxvStusY7ACkAdvg8WireqlPqVhqLYoZwftAYS0gRtzbOIPfnUssIHj7h9yAGWTDKkAIAAAEJUgAAAAJoAQeZAv0DslZToxSotbyimOJXkLSp0vOtVZKMBEPOOD1Uvr5sqtZpOui90jgqosvhx-KqjzGzIB5tErBov_nYqLYUF_9pl_po1k9jVwd5MAfhcwzd2lUXpplpxubkoTCkH7Yz9VCmxLLCT4WTf1KiFTo2Ty-0OPSwAjHbwLA3rsSR4uBGJ0vGHiyFPWKus_TfJ3bQzwDEk6kljAoX4IFlXKQ7Iuq4bYwoFd2oIrLiO2Bu1kFN7nd-PFFFGntJZSW-zmexyL7COAspxCJyrKw1-ekNtzIQXgWCnwNbIolYXcrs5b6HyueDoTaOOMiKR4HZ3_dP_a50hBKmsLdrlA3sM3WATdF4AATxy3knOa9SoicMAAuNoXLMdWOYIhm-USSxp7gV8vgGC01YWp-07XKlmrZlcXyoV7FPf_kbP68aQRF_ChuEPwIojMXl33HlRpsE5CYVBldo-zAWwOJ7AmzL6QlnFjDf0V53-io47RNBq6EGvmiiHhLCylSV6mYxYRzFGThaJeEi5RvVbHZIZP29Eq8pOeEPTlXJ494xIYr2UqrVHldu5T6Jg-FygTyZ4HK4dqtqGQQrfCnd3qVZLT4_BCA7NgozYwXlgVv13QrgZSwPKEkiDa54e2rlKEsdCOuEy50iRF1VIR6eHlwiFqhYSTI2O8Z4nh2d0iZ8dDVGF2-4NE8q-Iz4nUs3cM4GzWjS4NsolinLZ7SgMZJNM9JTTtIky5eBjyhQICzdBDekKiW0zSlAySEfN1TxUtdd61FjJSkqHj2cl39HqEBPxbtfQqj9HbKxERCzq3qB4Ps5xi7Vy-LweOy6bF5VjOEjJLMriGCRb8VMvld4JD1zMpJ3_WNwofDtmyIt7btJYmE3jSHZmmKxxq1Nsh6dzdz-SsyPxJMIoqw6CrTLzA3N5JfWlJ05mTFZXtozv5uA82kJw4f6H4yCM9xoE4VpwhqsnLrVxosNsqnIb64HynjGMavG-svLOwTvO61INvxGqSY0JfvWA6E2TyvO-LZjxSoqsB_vp_c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666380925&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666380923282&bpp=12&bdt=1667&idt=1810&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=6940085691434&frm=23&ife=1&pv=1&ga_vid=991348202.1666380925&ga_sid=1666380925&ga_hid=786545097&ga_fc=0&ga_cid=amp-HZirLDaaJ-8PWpViWbHHdQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3533403246&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31069972%2C44774605%2C44775016%2C44773747&oid=2&pvsid=746497570079959&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8pw8mhuqgu1f&fsb=1&dtd=1826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C9E6 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssISvhwqE3dBEx7MSI6hUrsnZbusdw0zY5ovM4wxeCtq8vkSsb8h4rakbsllk_E56Bpooj3B0izXPeBs1vL3AYM7CqH44vXU1VOnIK5sOeVkeO7_da096xVeDMqDaDRLvZFVpV7zAcyKjY9H8wGBjoPu4DBQAoCXpNmpJMSMlrzvtbMmKP95xRB1-CzBCbwOQCAlmrUTKnLTz-IKaK3aFWWQQ5KxvCpr3zKM79qmgCwaam26T5ex9JKPtUxxpu4uN8BE3TD5Vmu1e9inVHVCQTsnB6iCJW9w9rVz6wXkreUph6fULMHYwaH8ll7JFeqR7vpE5QMljQw3dOSBCwwc4QB2yoFcAkf4HJ34Hx4YpL7A-Vu4UcWnPDonhQaUXhUANOFQEfAbMtIqja6j-M_C2IJ6bJFQ8DEPLCBroanAQmmk3gd1d0s8hdm89byJJxuQfb2TX6t-0oIjI4sFDaS4Uq8zXpulBgZXrCB9jmRXffu896Su62w1cjCmXWxSk5MiXgl-fHaThouUVRnq3x5w1yki2Y_egZdTtKWGQ-3kiCAkpRIDjkiN84DjF6UOYUkZM3EPUTB2JQ2wFnZf73wK6Hol46Xr3UzGmeJDb9VX2yfPmni9VMIBzNKzvzX_M9BsKDTSEFzqoXPThzjH7uJx2LxXVElfzfIj7NSK3tiIxktEqiKiOy_-qUPTThC2ip4hb2Y_glrny3PWT-jo6l4isDpsp8EAL7LmmUSBAho1nmKtbHRrv4NzkAqao0BYEZ5cl8UVgPzkGHqJDHrSzw77CcSFcUM74XCa2tfnHx0YFEfjkPBjJ6mFb2FLj9yXyRk3BYwhRedm6XGAxHPNharO3rXl7bBaJ7lDpJ3G0MEydDI4KGPhCEtDalaNGxcFjdP6xK_fq2MLsM8YRepjQ7ELNhibunHd0LgDD8OhMndjnjm4ODxm1nyuf683QSw-pfFd0rgGFrxOFwJcPZFSR2aYnkQOXNeIv8QMZzdiQs7VzbSRwEEXDDusuxi_bDd06PzLOWkjDekvKT4stg1aJn9r-QqjZy-ngJe1FdYtNjmyjtR077TWoi_6j6_-xhYJc2voyA3gioT7lXOoE85TrKIacFXyBkKSLlTvr6n_-_-KcLEAEedouEIrj0_xUvGf6sZbJQqUkWJb796pnyr2UgcZVjyao0umW6xSpQb3lezua--SrF46XDOoUfcWkSG70ds1utnWQoJ8yHAl_EiOvDVw838WiHHMiYZELI2&sai=AMfl-YSeTHnZeGlaSMNHfm-DVzE9LcST3MhoeWcLJgffVFF21fmDK5DVcgRuh5oL-zcjv4vDy_x8DWSs4QC-MBlCb1VPghZ7cBGOjR6JqdI02hk6ZccF7ZAuVrtvOs8N4IL2p8wB928vX3NMrWSA0Wen-v1W17s5IGSaAl-otuDUh8vfSS4pZrMBNff2_kAjmmYA37fpxWWgL-4Ok1NxO0Y&sig=Cg0ArKJSzASB1RjAOuuVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1794&vt=11&dtpt=953&dett=3&cstd=837&cisv=r20221019.22876&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7ACF 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
766a4ae1c2dde75b07dfc2636ad893d9b09866102de3b8c8b749236b5d63b8ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11063
x-xss-protection
0
Replay.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		518 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Replay.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
9f83dfac786ddc2fc1caf524cc26f599bf41beb09f6ec104a8919a2f0b81ed67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
518
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
LOGO.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/LOGO.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
72fd305802da3df496970d7aed342cd911ea0f1f85d733e48aa7dea1292f47d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5992
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-04.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-04.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
3ff03beeeb122d5f8398574a1a72263b6d2ab17e949298892816bfdf71758819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3413
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-03.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-03.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
5056e3a41bc800617739913c478c6e504b9b0fc3968525e6de98824437107a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1729
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-02.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-02.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
0ab4d6d723781eb281e8a39a304e8f0c17d907c41c62c1bdfff487030f959deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1808
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
ca1fb699a2983a06644e63512aad064b0b32c9cf4f286cb98b19153ec42c6cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6670
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-03.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-03.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
4f6f824ff25abb1b43611e3813fe33e3641f03fc1a57366737405a3d6dd92064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73964
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-02.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-02.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
6df78d976052a9da6f359fa4cf3160afadc95c3488dbef812129f9ff9a762453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111454
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-01.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame BF8C 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-01.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
f240ff3997fe588de46cdba36eec7155b129235fa80c878110393c51e38b4c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94877
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4A48 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss43WVxekLv9YQktFPGXvsZlS9uUNKf_1dq6wDNYgnk9a0Z8OoycEvnEBryOf4iyKhMd4VwWx5l3fyJxnXk9Cdu9ZBvAs_qs9pvlKuXd80xC1jtOMEwbZM_UsPEQ04qQ-7P71hj85BtzQl21Zr49zzP3AfyvHE8pLpLgmQEsKCZnQZ7Fr0DaKbxCfDtyMgKqkB812ccJdO-5_4TweQYes53yCGXpsa5JX6jREMFM2f-jc9CyUMFay6qOPJPR-yhsAKH_g4mLcs_lAcgROPt65IKc1KhvDIJRy2NwagYTr1KZpucJyfNrllmbatNJnJwBuD9LxxCNZfGEoB_prid4smunxE46N_uslZ1es-va4h5WmQOTmCJA431ctzsEmhXuBgPuncm4JQqr5PY-9srD8AToScanWCCnzhdk9DD90HHFVYreGBTupURcy-nPmrraHwsW_coIZqVtFNRSWgsSS4vftIzwmIBU_aaLGhOeUCrMKamBZO6_pgkM925v2XcFKbKENaeQX-fZf_TcSrvFg5xkz8FZtjyZo7U6d7nr_vkS4Pt_h5f3D_ZCfo0UczFHFH8L1KXPIit230CTgciL3Xgb6wZE6J3Cg7Ni75mR-1yw1EeO3Nl2WunZo-EtgKinjfcbkCqgCBYUT_G9TuG92VEwS81qyW9RaWwGiHhp3F5_fIQNKDqT9AHmFw4jI5nMtWvKpaosUNyk6dlI6_Cj27lr4kyBl-UYVfriyDXXMWwo1u2Wvmc67E8iDlB5wSo1janilgdyl8vsPLIC18Ltm5BmkFA9mJ3jDO1WS-ifSUecB_ukpio0V5tUXtIk6U-g-LAcUHpIm7q0U2CU4cceMbSIoDi2ZveG5VjRDC6ceOZqq1yQxEAt166txvGRWtg1Z3Hiyfufono6IdbFPyC-uXE8EUDdHXFEj51cUE8jpb2SBdiHchS_-aL17B3BQklysZ4MHlbNTU8HHDyKrmRrH7EJrFe0ClPGSpw4TKpgTsz8gISkPnJOInU_YXzIP652aNv3zkJVC-_DyYNvH4LAeE-l9vOFcht9vu8Cz28S_nt5HmDE1_P0L1b4dl77QicURTBXEZxAF5HGIH9n9YEhopE0WXs7SX6tBBJsvpWEPzxfl4fvm2R1URbNXRu5LSzrymcNkloiMhE3d--lUSYQQel4SaOvaL_ZvudO76SVK4xdpKDuNMex-sS28lSHGVugy0V5pvPErLlFzJ01cxRFz8LtDStrGTikrXbedOFnRBy5HM&sai=AMfl-YSbUa41TYTit88BaLiSa8EXQ9ONGmEGhcXWoCxlhPdnmKdR7uRoU2Pr3QJIHKJ-3E1SCfjYRkIZKPy3NfiTk8VSfwfgdqEz3uWDRrv9gbGQv400DxpWPMp5Y7l0tcicON2YqVOlRnT0oDHnOTDWAbr4AI-hws61sGYuiX8ItaG26VTT1K4tat8vl9wldUVBkdajHRFSmKqFQfQUK4g&sig=Cg0ArKJSzGHyMzdLhrVzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1799&vt=11&dtpt=853&dett=3&cstd=943&cisv=r20221019.45347&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FC56 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e78cc98217eae227b1399697ff18c30d3a7a8f0bddabe2295c3e6799e053e612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11117
x-xss-protection
0
Replay.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		518 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Replay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
9f83dfac786ddc2fc1caf524cc26f599bf41beb09f6ec104a8919a2f0b81ed67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
518
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
LOGO.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/LOGO.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
72fd305802da3df496970d7aed342cd911ea0f1f85d733e48aa7dea1292f47d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5992
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-04.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-04.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
3ff03beeeb122d5f8398574a1a72263b6d2ab17e949298892816bfdf71758819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3413
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-03.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-03.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
5056e3a41bc800617739913c478c6e504b9b0fc3968525e6de98824437107a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1729
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text-02.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text-02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
0ab4d6d723781eb281e8a39a304e8f0c17d907c41c62c1bdfff487030f959deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1808
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Text.png
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Text.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
ca1fb699a2983a06644e63512aad064b0b32c9cf4f286cb98b19153ec42c6cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6670
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-03.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-03.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
4f6f824ff25abb1b43611e3813fe33e3641f03fc1a57366737405a3d6dd92064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73964
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-02.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-02.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
6df78d976052a9da6f359fa4cf3160afadc95c3488dbef812129f9ff9a762453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111454
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
Img-01.jpg
s0.2mdn.net/sadbundle/15194225437936141310/ Frame D3D3 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15194225437936141310/Img-01.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
f240ff3997fe588de46cdba36eec7155b129235fa80c878110393c51e38b4c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15194225437936141310/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94877
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 23:39:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 19:35:28 GMT
rd_log
lax1-ib.adnxs.com/ Frame 6FF7 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&e=wqT_3QLqIOhqEAAAAwDWAAUBCP7oy5oGELnq07qJ54ysNRgAKjYJexSuR-F6tD8RnMQgsHJosT8ZAAAAIIXrwT8hnA0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDjHkieAVC12_i3AVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8IaYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKN6lrqAmhodHRwczovL3d3dy5iZzMuY28vYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS0BPfB1dHUtcG8uaHRtbPIC6wwKFFRNX0FEX1RBR19QQVJBTUVURVJTEtIMJnNpdGVfaWQ9T2IxVlhCY2ZaZGpubFZqT2VKN2YmdG1fb3NfZ3JvdXA9d2luZG93cyZ0bV9tb2JpbGVfYXBwX3R5cGU9JnRtX2RldmljZQ0sGHVua25vd24BQARkZQUY9BcBbW9kZWw9JmJpPUIwOTgyWXozOTRKeTF0dE4xQ1RXQUl2R0YtMllvOFVVcTJqWkxUYjJrMkpkYTc4S0FHR3VFZlpFajNGVVZ6UHUwV2E4eUx1UjhTN2RPNDJqWDRZVzhpY0VaejVmNElkV3NDX084RktES0dselQ4MUw5QmFoamM4WW9SckF3THBuSENKeW5TNmNfdGFOeFNZUS1QYzZ3aW9NSUlVNkZCS3JRVkFJLXAyVWhQbW9PQVBSY090MTdWeWl1ZDczMVpDRXhwc3FDUGtSQzF2MFdFLWg5eFpMbEJMaEE1SmlyWFh4OTNLMEJ6bXF5VndTa00maWQ9STVHTHdjWmtCcVdnYU85SUljTzUmc2l0ZV9pZGJ4AfBVYXVjdGlvbl9pZD0yMDMzMTc3NzI3MTQ3NTg5ODM4LjM4NDM4Nzg2MDAxMTA4MzA5MDUmcmFuZD0tODkxOTI0MDE1ODQ5MzgxNTA3MyZwYWdlX3VybD1FdCAlM0ElMkYlMkZZeiAlMkZhJTJGaGH-fgJCfgIYJnNlbGxlcgHIEDExOTAxQRRAdXNlcl9hZ2VudD1Nb3ppbGwBfCA1LjArJTI4V2lFZ0ArTlQrMTAuMCUzQitXaW42NAEJaHg2NCUyOStBcHBsZVdlYktpdCUyRjUzNy4zNgE7SEtIVE1MJTJDK2xpa2UrR2Vja28BL2xDaHJvbWUlMkY4OS4wLjQzODkuNzIrU2FmYXJpFUA4JnB0PWltcCZxPUg0c0lBEQH0VQNHV1J6MF9UY0JqR2Fic05XRXdreTBnTVhzb3Vic1IyM181dTRhQWJHNnl5WDlDeE1TNm1hN19keXJxMnRKMGJlREZFUFhqa1NQUWZrTVFZVG9MX2dCZmpEV084ZXpBeFVZNmNyS0plZkFfUG03eko1OG1iNTVuLTlQN2hoX3JKN09uc19wUHp4M05Qb19HRllNLUZaTmR4dWhaVVhkTW5OV2VRN1ppNkRqMHlweXZRZXdDOURiZzdoSDZRLUJpNThmeHROSldVdWRYeVNOdnU1M2RiWGJVbXliSlc0OUt2amw4Z2RMTFlIdEtsd0drTWFhMDA0allFc1NqWTR1dnp6OGZYODhtMUlkZHVDeTVZenczV2V4dE0zMk9wN2lIaVZaeDkwN0xVTEVjQ1BOMHliZDBaLVhpMWdWT0FCRXQ0ZU9EWkpYek1zeGs4NTdvV2JNSE9taGxrT1VZZ0dSNVByNVVhbGZKdDNETDdFRi1GV3RfSjRNczl6eG5BckNpUmdHU1pjQWswcnFpRzZwbF9xQ01FMXlnRGFqb1BXVjNxR0JRZkNxdUxraUdxbXFaQnlPbG55QzBhTUF3bENBSXRVS3pBaVpMSWlDUWpob2FDeUFOQVVVQmtnQVM0cndneGRmcU5UaVJySGFxNWxkZU1iWDNIdHBvN05YaFBNT1ppblM0VFJvcGowc1R2LVg3bkFvbFNsQVNvU3lSWktaU0xzc1h1eWpwWHBIc1ZiYmxFc1Fmb0RBeDZqZzk0d3ZVY25YQTgtaENkOFlJT2NWVUtZWmllSDd4RUk3NFp3Qk4wY21qM2JXZGt2ME9SQ3pRZF80OU54SzZ3MURXR0JJUlN6ZFdWVXExeGlVN0dvM0RzV3NFQlZveFBxYTVyd19IUW4zbjBJektIYlNxRjFDX0pfUDE0RVRNSGJ2N21TcGhxY1J4QXoxYXR1bWRxY05rZEZKeXdPYy12VHpfREpvNndmMFpuR0JGSGM1c0pyS3EwVWpGbFQ3Zmgza0tFQmhSSHgxWTJ5Mlc1dmhpdjVMWXFjclZ3djBuZlJlYm5zMjhTWDFZeTdaOEQxamVzb0FJQUFBKiryAoMHChFUTV9JTVBfUEFSQU1FVEVSUxLtBiZ0bV9vc19ncv5PBv5PBv5PBv5PBupPBmxjcEtleT1FWXUySHRvVHUyY0h3NVI3OEU3biZtBRsESTVKbQYEYWQBNlRLdTVZWTdwMFFBbVFoUjNrcjQxZyZzNvEE9A4BQUd3QUVfX18wNHZKRnNCWjBNVnoxOTFheGJRZnR2OVpkY0RHMk1mcFlPbGpqQzVjVDltOVBBX1FfM0pnQ2ZBY3BOOWVaYmlpdHFYdW01QXJ6SlNDeDFNMXNjXzBCcGpyVEZnTmNEWFF1MmwyX2F2RTBaVEVvSENNWnJpRWV3aXhDUTEyN2NJbWV5QkJoRC1WdEhGYjJXbjQydm85TEF1ZzByU2ZfNDliNjdSR3ZmbXVkbng2bHRlamxyUFA0YlVnczFiOHpDWkJ6cVFEdjJ2clF4d0Z0QWxsd0V5LUx3dVNqdExXUXpGTzhZSXg0YU1wUnRPUVZ2NXNBQUFBQSZ3PTcyOCZoPTkwJnNlc3NJZKJ8Bwxwc0lkVswHBGJ1_ngH0ngHKPICxAcKEFRNX0NULvIJGK8HJTI2dG0i1wkMJTNEd-lyCRg62wkIJTNECRgaxwkMZ3JvdQE0GuEJMhwAEuMJCTEQYmklM0T-6Qn-6Qn-6Qm26QkIJTI2ZZwIJTNETp4DCCUyNmWgCCUzRE6iAwglMjZlpAglM0ROpgMYJTI2cyUzRDKbCP6qA_6qA_6qA_KqA0glMjZ3JTNENzI4JTI2aCUzRDkwISQgZXNzSWQlM0QyljILCCUyNmG4DCUzRE9K_gwIJTI2YbwIJTNEFjYLBDI1DjgLADUOOgsANTY8CwA1Ej4LADX-QAtSQAtM8gI4Cg1UTV9TRVNTSU9OX0lEEiea3wDweYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTczLjI0NS4yMDkuMTMwqAQAsgQQCAAQBBjYBSD6ASgBMAA4ArgEAMAEAMgEANoEAggB4AQB8AS1DikPWIgFAZgFAKAFzoH5_u2L05scwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUA4AUB8AWjwEX6BQQIABAAkAYAmAYAuAYAwQYBISAAAPA_2gYWChAJDRkBuBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHFE1ETEVJbDRxSWQ1RTJoTWNDSDE0ugcPAVtAGAAgADAAOIgBQADIBwDSBw0VhwFNCNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=044a5434a32f547a5e7d8e6becb8671730a9a802&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:28 GMT
AN-X-Request-Uuid
a16f1c31-b659-4efb-8344-95953670c687
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=2352701535788158&bg=!HxylHFjNAAaaxvStusY7ACkAdvg8WiBWlXa2wwsByEXYPDIbgVSgHWWmuKqNDWKj4Y8Ppj5R2Xj-RAIAAAD9UgAAAANoAQeZArfKT5-4qoyiuFNp05MYq1rqnSsmhKM1wnJh2B5w9Rhd2m6p7cbGhZDNAXdKCql3FncHTVZogu7OHO9OFa0gJ-9tZjqEN255Ni9zGn0lAIRYzuPTKYvYBhCyiATXlGyJLucJJfsxpG-y835X1upkxkN1aghNH5WtFkC_7IEU64IwTq5x9iggXzMylAzU_UuLvKcRNYr4C5EuLmI7WcW44agn09ZJ2b8FBDEIWXZbMaBvPHlvVURDtdhFYN3ZDD7tEyg93gxc_zFGqueLugoMaP_7QJ_E9GUVAus7V18B5YTbmBQJ414E0PbOTAttNNAWukp6obJjhIiyqhZI610btGIG5WNAdF_7tedv4Ngf4zwFgzEdksxgc5s4E3LqHP5RioHnI9Pwh1cjJadwIWE9vl_aT0-LSWh9BA0CCqmqpV3od5pHq7Gk8y2xTl6jLKnu4P0fYCgzAL5oTaIQTlgITg1umFZALyE8GJDE1p1je7ttPwUAUWryAUkNpvWugWtS5SHR9hlBZSYU1r4k1tTR9FizjUkEcqYG9grK__7a3ENXfLkjvg0rgrg1gLQ-ocbXt0Bc8OhPXLQb4UTcGk-JUHpcEP1smefGqhSTZCpHkidANhYutxz_ssPE0W8fg7bBnVKC7Gj0Zi0VelMefOJ0HCxX1IAEk479N1b5nV6P94P3mpIfIV20fLOWWxlzEPaAT_ZQYgdw1ZQ90fIzxSLKqOOz4fd4YYaWau0TzQIzSkR0Gs6Ayqj-EwM5QdUeW1joIpqQl8CRVOU6aV6Ux_EmPbZMpCbgrcl-lBFc2M1DG5wf0JFl4uTi2cjuuRzYl6AVh0tNX4mtQUfsaXQ-zBZlwDsME3YhtaDtYa_p_ndSi8Zv661NuV-rVwQjVV6wkqZaz6GSvXWHGYJw9FeOK6zQmlfqMzgq4nbZCg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 93E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101901&jk=116958584231556&bg=!FxSlFFDNAAaaxvStusY7ACkAdvg8WvASoTFqqoQopK_dabpJIsKsF7SJeb8Gaq0HruyJu90GRmNfZgIAAAEAUgAAAAJoAQeZAtU924bGoYrQzfMQTv-Vb8yz8qmxS7m5EKy2QZ0cgCzcrh5doPBglpF1yglKaEQ1ZAW2UuwLdDJlMTZW1qIx1GRVLC_dgDFxjREK-FFc3lIt49Sp_HoU603J6vXSsC8sYKta8_0vHy_38-2sEw-Ub2W_r-YvsdbpJD2lhP8Zv8W0VUzIxEvZ8zjj3dQb-62d9fQBDVSIqMBBLo4XgpxWK9Gl43WAd7X2Z2Z388GrKNBCMo4RysUhHZX--Z_WsdBhLN_vZUNC2PIEWv5WxYRfIHIGpVmSdDAcADomzKPP3haM9cITXAh68dVci5bRPSQbbscTw-pwQ00iklrI4mtaOxV4cHj2B6q1cbPM81xtIUNPLmO0MuU3oXavOIic5HyatTLl4fVyZUxdXMAbV-hEAz-Zyfgt6a1JtMDA1ozm6ZmIA8u6pP1wKHNGhdBHUmPscPxhkAjPwehknjXNSNdwGQiCppXW35ZFTL2tzUOasWAom7hoYlG5nf3NSMM6L5J_Jx0L4vrkRzLIEb4G8PAPiXlCazCCU_LOWTbzVg4dIKS0TnXnddJ6WY5fys_S9s9Za1Tya1_iRHmacueQl-ssddHNmS6Nsos2DufDYGJBPUtfi9Z5ARQwAXqbhQeHg86kcncRx18aFLGajThJKFDl_grU9ITXQlA2-0TwiPMC3lOQlG-U7tcjWBfyeicrQqPjor5Q4lAS9i-2u_1RkxgN3zcaLrOvlNib-Sn9WoJLMo3Lp2bV9jqxCx2lRMIkLVkSUU2U5HcMdqXLA4XxGo3_FTI5afXrR2mUJgQxxQMsF0Zc8YtVXqUywn4H9PIYqPpLxsAKa-GNvVco1qqMLFF6xT29hdywHghrA5nVtqqpAkX2rbRgd2dGrgXVebVaMn2uw8OjXjQNR15FjYa3anWMhC6rDdN81W6oPUg59wegCM6qtwJY92S609MTi8viCLpveyApapmS5A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7ACF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 GMT
displayproxy-20201012.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 48C1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=2033177727147589838.3843878600110830905
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=hnv92jmlYKlXCcdNwYv2&preview=0&tm_auction_id=2033177727147589838.3843878600110830905&price=0.08&a=1&site_id=Ob1VXBcfZdjnlVjOeJ7f&tm_os_group=windows&tm_mobile_app_type=&tm_device_group=unknown&tm_device_model=&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&id=I5GLwcZkBqWgaO9IIcO5&site_id=Ob1VXBcfZdjnlVjOeJ7f&tm_auction_id=2033177727147589838.3843878600110830905&rand=-8919240158493815073&page_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&seller_id=11901&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&pt=imp&q=H4sIAAAAAAAAAGWRz0_TcBjGabsNWEwky0gMXsoubsR23_5u4aAbG6yyX9CxMS6ma7_dyrq2tJ0beDFEPXjkSPQfkMQYToL_gBfjDWO8ezAxUY6crKJefA_Pm7zJ58mb55n-9P7hh_rJ7Ons_pPzx3NPo_GFYM-FZNdxuhZUXdMnNWeQ7Zi6Dj0ypyvQewC9Dbg7hH6Q-Bi58fxtNJWUudXySNvu53dbXbUmybJW49Kvjl8gdLLYHtKlwGkMaa004jYEsSjY4uvzz8fX88m1IdduCy5Yzw3WextM32Op7iHiVZx907LULEcCPN0ybd0Z-Xi1gVOABEt4eODZJXzMsxk857oWbMHOmhlkOUYgGR5Pr5UalfJt3DL7EF-FWt_J4Ms9zxnArCiRgGSZcAk0rqiG6pl_qCME1ygDajoPWV3qGBQfCquLkiGqmqZByOlnyC0aMAwlCAItUKzAiZLIiCQjhoaCyANAUUBkgAS4rwgxdfqNTiRrHaq5ldeMbX3Htpo7NXhPMOZinS4TRopj0sTv-X7nAolSlASoSyRZKZSLssXuyjpXpHsVbblEsQfoDAx6jg94wvUcnXA8-hCd8YIOcVUKYZieH7xEI74ZwBN0cmj3bWdkv0ORCzQd_49NxK6w1DWGBIRSzdWVUq1xiU7Go3DsWsEBVoxPqa5rw_HQn3n0IzKHbSqF1C_J_P14ETMHbv7mSphqcRxAz1atumdqcNkdFJywOc-vTz_DJo6wf0ZnGBFHc5sJrKq0UjFlT7fh3kKEBhRHx1Y2y2W5vhiv5LYqcrVwv0nfRebns28SX1Yy7Z8D1jesoAIAAA**&q=H4sIAAAAAAAAAAGYAGf_Cc1iLgf3VxryFTQxzr8afwoqdHlwZS5nb29nbGVhcGlzLmNvbS9iaWRkZXIuQWRTZXJ2ZXJSZXF1ZXN0ElEYxZ0LIhRobnY5MmptbFlLbFhDY2ROd1l2Miiuq50BMhRFWXUySHRvVHUyY0h3NVI3OEU3bjiw1turD0IUS3U1WVk3cDBRQW1RaFIza3I0MWchCHiA2aTgQe-lUjoRmAAAAA**
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.64 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E798) /
Resource Hash
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 21:43:55 GMT
server
ECAcc (nwa/E798)
age
73157
etag
"261452876"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
5891
expires
Sat, 22 Oct 2022 19:35:28 GMT
css
fonts.googleapis.com/ Frame EC58 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 18:38:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Oct 2022 19:35:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame EC58 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 00:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 00:56:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EC58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CizzNf_RSY-fVC4yCjMwP1qGpgAWJxM6Cbf24vYmgEGQQASC6hMAzYKWAgICQAaABm-K4hgPIAQmpAkAcsHYzLKU-4AIAqAMByAPLBKoE7AJP0N8bEJ7S_tPqYB9cBHK_Ie5oBrh98J8Jgm2z9TJkI1mJ6F-l5L0SeExlHM_XZDe__K8E0zal2ImZisc4GELSihqTClF-f3HMv-L2ru0-l30f0ugCu2ROLbNH7szj1Wf24dmIzgMz2HIdca-cf0etbSK9zaZ2z8IoR4bROuXTMLGThqi4LJOZgmz0nztr7o48fm73rksSF01v9hea6tMQRUZYH9h6qvISC27UruOWvgyBpXWzAudwZgklQJYkxKxWv__L9T-RKMtJJGePfRkts3IDTxEBb92wZLhGJGT0VP2TYn-InHLBQ1g45Z0tdiBkaqw4wa_hInR-OLo_UPwY6vxiAEwuzyhiamJGZg0QA1_y7KeA3ILM6K2gjSRyWjjaR9JwZVMEzdeRVCADGiFtFCl6stu5lwSKlpStQivOoy-liFncFIKCKxlTcp396TSA-JIZyNA9Vt4GOLCJ0rthh0-wGfX1gJkA2RjQwATF_YjpiQTgBAGSBQQIBBgBkgUECAUYBKAGLoAHzZ3HeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDELJg0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsBmAyB857SgwS4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=XsWEfj3aMd8&uach_m=[UACH]&cid=CAQSOwDq26N9an9sLa9IdXpRgzeOlSS34DTtENQD4yGJH65o10pSS5bIPgdw5zemAmtep7bcbnJxtijx-Yh6GAEgDg&template_id=515
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame EC58 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame EC58 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 16:16:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame EC58 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:16 GMT
l
www.google.com/ads/measurement/ Frame EC58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqlGTNDdWxI8Oqc2iQTbPsSijWAzDlOySYjeyNCqgEqX75-9F1ZzDThcR9gXgQV02EH-XBEiD3RsKa9d0DsfQUlRfHnA
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC58 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 GMT
fed584b8ce81e04d8838584f2ea59ee6.js
www.gstatic.com/mysidia/ Frame EC58 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 01:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13787
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 01:26:37 GMT
5935328759352983601
tpc.googlesyndication.com/simgad/ Frame EC58 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5935328759352983601?w=100&h=100
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
299f8f0dd3022468c0b5ae4d609d456d52b13360bd201e925062b277d60fb14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 04:24:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 19:35:28 GMT
truncated
/ Frame EC58 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame EC58 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame 2750 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoBUIf_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEywJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx_47089wZfJlPjoSFOPYZml_KitkOs6rkZs9oWq39WXZwXiRBog64AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=NZM6J_gpBLY&uach_m=[UACH]&cid=CAQSOwDq26N9an9sLa9IdXpRgzeOlSS34DTtENQD4yGJH65o10pSS5bIPgdw5zemAmtep7bcbnJxtijx-Yh6GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 2750 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMjjDc7xBnjYBGL4LRICAAAA-ONZtFtuTcMQfvRSY_2UzBCyS3z1G14dABIAAA&wp=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
159538
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 0E64 		145 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d838285d6f9ed2cbbf06058d07fd3ebd422a01d614fcf10e50d816da3268a9f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=owVA_MqSHJ8APN0_Kmzmtm_iePB8w-qAJnYhWga3buyEx8pQlRS699XI57FwMHfQDNeI75ymn3dMHmHoJxhnN1BeV9HMy0ZXax-odzd70MBm3wKj3RkG03gKzaxuiJXIpW4rhqiKwvcUFBQ3WzimaawXV_qpBlz274BJ0ngyx_u-eczucCCyMPjrxAR3Qe10NtVMsGhl7TarvmbB8_zotINtmv9FqkYCGFMg2gnI_i0BYgIGIvSnan4Yr7Q7iC5ZTTH_Izvwns1nRmxC"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60411188
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 2750 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 16:16:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7607 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sat, 22 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 2750 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Nov 2022 18:42:16 GMT
l
www.google.com/ads/measurement/ Frame 2750 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8dLPtj9D-Nn5SwjCa6clkAi8ts9OdfFS-B14PaQlPopSxl-GL53gB6kPVSw666jHkX5bSuM6fCR3TF6Sk8j7AmBCvaQ
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2750 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Oct 2023 04:51:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2750 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FC56 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4BCB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 18:54:23 GMT
expires
Sat, 21 Oct 2023 18:54:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7115 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
77f9e3ad543c9ffc64193db32aeaba06b156f5c43e5713b89f5d62ef76e45696
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0c1bL6J9pzpli-NNAJjXDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0c1bL6J9pzpli-NNAJjXDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:28 GMT
expires
Fri, 21 Oct 2022 19:35:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 6FF7 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41621263c5ba403b5ea10a6aa3eccd253a9cdadc826e9c287639bc3b133bd744

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
lax1-ib.adnxs.com/ Frame 6FF7 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&e=wqT_3QKNCugNBQAAAwDWAAUBCP7oy5oGELnq07qJ54ysNRgAKjYJexSuR-F6tD8RnMQgsHJosT8ZAAAAIIXrwT8hnA0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDjHkieAVC12_i3AVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8IaYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKN6lrqAmhodHRwczovL3d3dy5iZzMuY28vYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS0BPXx0dS1wby5odG1sgAMAiAMBkAMAmAMXoAMBqgObBQrcBBF-9FUDcnRiLWxiLWV2ZW50LWFkY2xvdWQtcHJvZC11cy13ZXN0LTItdG0uZXZlcmVzdHRlY2gubmV0L3J0Yi9lLnBuZz9lPXdpbiZhaWQ9MjAzMzE3NzcyNzE0NzU4OTgzOC4zODQzODc4NjAwMTEwODMwOTA1JmNwPTI1Nzc4Mzgmc2xvdD0xJnhfcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZldHM9MTY2NjM4MDkyNjMzMyZ0ej1BbWVyaWNhJTJGTG9zX0FuZ2VsZXMmc291cmNlPWFwcG5leHVzJmZjPTMmZmNpPTEmY291bnRyeT1BVSZyZWdpb249TlNXJm1jPTQ4JmFwPTAmdXQ9MCZ2aXM9VU5LTk9XTiZzaXRlPU9iMVZYQmNmWmRqbmxWak9lSjdmJmJwPTgwMDAwJmN1cnI9VVNEJmV4cj0xLjAmZmlkPUk1R0x3Y1prQnFXZ2FPOUlJY081JmM9NDExODIxMTM3NiZjY3Vycj1VU0QmY3V4cj0xLjAmYT00NjE0MjgmY2E9NzIzNzIwJnN0PURJU1BMQVkmc2g9MTAwJnN3PTMwMCZyaWQ9MTg4Jm1wPTI0OSZwc2s9T2IxVlhCY2ZaZGpubFZqT2VKN2YmY2ZjPTAmY2ZjaT0wJmR1cj0tMSZjaXR5aWQ9NjEmbWV0cm9pZD0tMSZjb3VudHJ5aWQ9MTMmcG9zdGFsaWQ9LTEmZHVyYXRpb249MTAmdj0xJmF1dGg9SkFCb0hiRk9HM2hFRzFvbkc1ME9yUUJtVDUwJnhfcj05WDk5YWcaEzM4NDM4Nzg2MDAxMTA4MzA5MDUiCTM4NTc1NjU5NyoEMzkzOToUTi4yNTc3ODM4LjQxMTgyMTEzNzbAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjEzMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADaBAIIAeAEAfAEtdv4twGIBQGYBQCgBc6B-f7ti9ObHMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAABNAkB8EYQABgA4AYB8gYCCACABwGIBwCgBwGqBxRNRExFSWw0cUlkNUUyaE1jQ0gxNLoHDwgAEAAYACAAMAA4iAFAAMgHANIHDQkAABlNCNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=3dc46d1d374d53e0073c42d34589f71e303e0d2b&type=nv&nvt=5&jm=1003&px=236&py=60&bw=728&bh=90&sid=2892681511577942555&vd=ct~0|rr~0&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&sw=1600&sh=1200&pw=1600&ph=3489&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:28 GMT
AN-X-Request-Uuid
85f046b2-1d97-4ef8-af75-476d9c9b6a0b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C9E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_ZFrCKrjm2EknSxNUE93T5wV7xaXt7m51L8RjyRzAiQQ0P-syRdEg0JvyWEwUZrD6MKgJn6w1gS-zu4dcsCpRobMZz6kQRYJo0hrLwAtSpqhfUrq4IXbn8870zivB49BLTrk&sai=AMfl-YTamttcBEgVB-FzAy7GfF4QNuqCrh1h7KQSYMntn8OCSix1ZfY0Y8mb-NfY8oUKium62gDD3RDyzFOtvBwmeIkXCpIl4oemxeeOVg&sig=Cg0ArKJSzBEoekC5-sAfEAE&cid=CAQSKQDq26N9Yryw3u6k7d6zKVODAB7Gb4q0IEhg5TCouksPzkqHV9JuybV9GAEgDg&id=lidar2&mcvt=1029&p=0,0,250,300&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666380925898&rpt=1521&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A48 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7uCW4fKVuCHcLKgWxphgzacu1VGh3TjGPf6Vo_gCGFPsMan7WAMr2FdfkoamIAmblmNxkwwn8jbftYpqpNopFDYnK_6hmpDjxBc9mr9VqBEv06SMQEpRV6n-vbO2-zD9opaw&sai=AMfl-YQPGr6vYgAGl63tmwPmFXjIk4WN3irOgGBI08jTYDhSOSgxvKB4er76_WlAe4vYefoPl0qD4hfoB9qd_9FkbgPiTiKlMaCJ2L-NWQ&sig=Cg0ArKJSzDW9W-pwsKdYEAE&cid=CAQSKQDq26N9NDRoRAxuNtaQp_9GhKXc-OO7oiDY2x4xDzLHGupY14wHRJ3CGAEgDg&id=lidar2&mcvt=1031&p=0,0,250,300&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666380925948&rpt=1475&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 03EA 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 16:56:03 GMT
etag
48472445140208031
expires
Sat, 22 Oct 2022 16:56:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7607
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1&google_push=AZmPxg8NkG3REFTamVMLuClabQyKDGRD3AZ5L_jTLH_yo7CekOFSHB8ZXVXOoUpNIuJA7AC3xc1TDfsWTb3mdSYRxI1Wcw-WyibxR...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0MzY5MjMyMjIwODE1MjM5MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDwBlTfwKxqB0J6MbnYP9pY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2xscERoUUgxT0xYTkw1&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2xscERoUUgxT0xYTkw1&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuTPj-lggizCciUSWw2SFHNl3VWypEXsizOtijiMGqaAk6oQQLDrXculuDkD7M7f4hcaaQNvg_coDk_m7KMvBW2EjZNf4uiPCNw
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0e7176c532edf503a@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2xscERoUUgxT0xYTkw1&google_gid=CAESEKHM2cAstP2fH9J5nDqmH7M&google_cver=1&google_push=AZmPxg_EAefGUu9WeFQyIxaN-GPHhWdPC19i6nLmxkz0KuTPj-lggizCciUSWw2SFHNl3VWypEXsizOtijiMGqaAk6oQQLDrXculuDkD7M7f4hcaaQNvg_coDk_m7KMvBW2EjZNf4uiPCNw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOukcUdl1JeA0pi8OEllITw&google_cver=1&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31k...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31kv5oCRdVLfkpxNiLKcplb7oK7WqwbKy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31kv5oCRdVLfkpxNiLKcplb7oK7WqwbKy-wo2XDoWMV8eLkyTsWx3Z0RH0
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 21 Oct 2022 19:35:29 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-fQ35Tk2DueWVs-r6wB-YX4899HySaqxYoQOC5sM-eUvJ6gLVQ0T5wD4tYIf24yl1a1FVbdGd4yTPZF31kv5oCRdVLfkpxNiLKcplb7oK7WqwbKy-wo2XDoWMV8eLkyTsWx3Z0RH0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:35:28 GMT
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAWIBK-OqkFRopPbvxkKm2g&google_cver=1&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn7CNOJi8TlEpbcod...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D4208B9EDAC34075BA69BE67A02F5842&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D4208B9EDAC34075BA69BE67A02F5842&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn7CNOJi8TlEpbcodnxsSzK96sTsSeTdHGwmisKYci6XIKXz9eG4mvA7Ig
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D4208B9EDAC34075BA69BE67A02F5842&google_push=AZmPxg8v2mI5QP26_XBnWtS59bIbhyl4p1HRXC1_V5VaUGeDZ54ASJgJ4sqfWeOtKEHBeNXFlkPmKE5qsol_8Hn7CNOJi8TlEpbcodnxsSzK96sTsSeTdHGwmisKYci6XIKXz9eG4mvA7Ig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Oct 2022 19:35:29 GMT
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKykCnCu7OsT80-iqLGfRiU&google_cver=1&google_push=AZmPxg9593R_ZMKcGAvRUa7mO0_zVsFba8IghxfNWr5d8l-s0alBE48I8X9i28F9rURBT35UrQeN5oG8EXvtbCJZdg...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKykCnCu7OsT80-iqLGfRiU&google_cver=1&google_push=AZmPxg9593R_ZMKcGAvRUa7mO0_zVsFba8IghxfNWr5d8l-s0alBE48I8X9i28F9rURBT35UrQeN5oG8EXvtbCJZdg...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MThlMDEwNDAtYzFiNC00ZDY1LTg0ZDAtMmVmZmE5NDNmYjYw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=18e01040-c1b4-4d65-84d0-2effa943fb60
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MThlMDEwNDAtYzFiNC00ZDY1LTg0ZDAtMmVmZmE5NDNmYjYw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=18e01040-c1b4-4d65-84d0-2effa943fb60
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MThlMDEwNDAtYzFiNC00ZDY1LTg0ZDAtMmVmZmE5NDNmYjYw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=18e01040-c1b4-4d65-84d0-2effa943fb60
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJnCRBo1f3jEBcONK0nwWRo&google_cver=1&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEz...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEzccQmRITABKdPflwBhvAZNXnp8TbZgL68mJ09aE2q4c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEzccQmRITABKdPflwBhvAZNXnp8TbZgL68mJ09aE2q4c40MnJ00HekHMQF4&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9QQ0liGPTimHX3Vqd-re3KKcU7W0lv4Uz08ycfPZGadIGOshPszun6vNy-o8TbOxxdrErejijML8VfEzccQmRITABKdPflwBhvAZNXnp8TbZgL68mJ09aE2q4c40MnJ00HekHMQF4&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7607
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_cver=1&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXMl7zlUyZop6eE&google_hm=RWIwYjRfbG1LNDAzMmM2cTNEOTY=
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9kNRqcUUpxgzEdpkUz8bl22kUcFnK4P1fwVgyGnQ8ANek1TSELTwJujYf6qv55WyfNh-DcX9_jHbEgd1tnt4q_2_NQxAspsU4sxI6wNh18TPJmYR7TMozRf_qXxXMl7zlUyZop6eE&google_hm=RWIwYjRfbG1LNDAzMmM2cTNEOTY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
279
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7607 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_Wdc3XY6rBVX7s7jIIVLcbrpLNVqa9DtGeubR1N-4mZpi5OHUe6yWKY2-i2fjMbnZS4K8
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame EC58 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46768fcb3912822c3da6fd39a529caeb581c4a6ef88a5ffc0c93b45addd7c94a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2750 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bf72653612ba267fd4bf6bdfdb65a274971a29811132ad52ec5c8f4b8a4e0ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6854 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 18:54:23 GMT
expires
Sat, 21 Oct 2023 18:54:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8E78 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
0f6e1da8966aa681e8149a7e59ee5dff9eedee1a396342eddcfe8c524b62da9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ImBh4W-f5ZKI6lWZ7Nw8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ImBh4W-f5ZKI6lWZ7Nw8dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:28 GMT
expires
Fri, 21 Oct 2022 19:35:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7115 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=2672479170510720&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 4BCB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 19:35:29 GMT
analytics.js
s.acexedge.com/2/tm75/ Frame 48C1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/tm75/analytics.js?pp=89500&si=833209&di=www.bg3.co&ac=723720&pc=2577838&ai=4118211376&dm=15&ti=2033177727147589838.3843878600110830905&ui=&cb=4432968218687010311&sr=11901&c2=3&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&md=DISPLAY&account_id=461428&ap=
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=2033177727147589838.3843878600110830905
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a1c356180c7fbdf0d9eb6f57137385cf961ff09bf84eeb409928253d0823e209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2927
Expires
0
imp
statsf-tm.everesttech.net/stats/1/ Frame 48C1 		85 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?price=0.08&date=1666380927999&seller_id=11901&ssb=F&didtype=&sessId=2033177727147589838.3843878600110830905&mpKey=I5GLwcZkBqWgaO9IIcO5&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&did=&adKey=Ku5YY7p0QAmQhR3kr41g&conn=unknown&rt=HTML5&auth=2273cf3943d7ca6589630481650d1daa&vinst=t&env=site&s=H4sIAAAAAAAAAAEAAf_--qsPUUKnc6Y_hw3tfEefbwFwXa6yB3QPHNeNHG75ferHEUnJUDg7IFZbneGFO4UwvlINT2kJThiI0ZsScriAi2zhYU3HOagF_6IsrblJnC3ElWPntpR_zG23RNdwlQ_82yU334VlfMjJCPFL_dEdlAxoYOJ_57shZNEVOAWFGesNgvf6kHfzGm4pyF9ldFx_UdFa8IIpd57a4dN9DL5h5SDsZPNn7-ZOfMk40l9yqL4NLSnLpoEXtJYmG5vw-8W779h-UOoLHS--jkIwxcRHc8t9jOVelRYcAS1h9J1N2Kh403isuufdkcNAIh4D0ZsMLRzvsiQQHL3m_T0Hii13xPLp2eoAAQAA&psId=Ob1VXBcfZdjnlVjOeJ7f&cpKey=EYu2HtoTu2cHw5R78E7n&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.bg3.co&astv=20220412&apv=B20201012&vw=728&vh=90
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 varnish
x-pt
P=369
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
APAC
content-length
85
x-served-by
cache-syd10151-SYD
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 UTC
pixel
cm.g.doubleclick.net/ Frame 48C1
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=iAmSr5a7S9XnZJ29VY9u&cs=1
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFMMGZ3QUFBTXZoNHdBSw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFMMGZ3QUFBTXZoNHdBSw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10151-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1666380929.720633,VS0,VE223
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFMMGZ3QUFBTXZoNHdBSw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
PYUnd1ve
rtd-tm.everesttech.net/upi/extseg/pid/ Frame 48C1
Redirect Chain
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=4432968218687010311;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-syd10151-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1666380929.934322,VS0,VE207
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

location
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-T1mksRPv1rGRh.gif
pixel.quantserve.com/pixel/ Frame 48C1 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-T1mksRPv1rGRh.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 48C1
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
18.139.5.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-5-162.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.25.187
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.17.96
content-length
0
expires
0
renderstart
statsf-tm.everesttech.net/stats/1/ Frame 48C1 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?price=0.08&date=1666380927999&seller_id=11901&didtype=&sessId=2033177727147589838.3843878600110830905&mpKey=I5GLwcZkBqWgaO9IIcO5&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&did=&adKey=Ku5YY7p0QAmQhR3kr41g&conn=unknown&rt=HTML5&auth=2273cf3943d7ca6589630481650d1daa&vinst=t&env=site&s=H4sIAAAAAAAAAAEAAf_--qsPUUKnc6Y_hw3tfEefbwFwXa6yB3QPHNeNHG75ferHEUnJUDg7IFZbneGFO4UwvlINT2kJThiI0ZsScriAi2zhYU3HOagF_6IsrblJnC3ElWPntpR_zG23RNdwlQ_82yU334VlfMjJCPFL_dEdlAxoYOJ_57shZNEVOAWFGesNgvf6kHfzGm4pyF9ldFx_UdFa8IIpd57a4dN9DL5h5SDsZPNn7-ZOfMk40l9yqL4NLSnLpoEXtJYmG5vw-8W779h-UOoLHS--jkIwxcRHc8t9jOVelRYcAS1h9J1N2Kh403isuufdkcNAIh4D0ZsMLRzvsiQQHL3m_T0Hii13xPLp2eoAAQAA&psId=Ob1VXBcfZdjnlVjOeJ7f&cpKey=EYu2HtoTu2cHw5R78E7n&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.bg3.co&astv=20220412&apv=B20201012
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 varnish
x-pt
P=509
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
APAC
content-length
85
x-served-by
cache-syd10151-SYD
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 UTC
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 48C1 		85 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?price=0.08&date=1666380927999&seller_id=11901&didtype=&sessId=2033177727147589838.3843878600110830905&mpKey=I5GLwcZkBqWgaO9IIcO5&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&did=&adKey=Ku5YY7p0QAmQhR3kr41g&conn=unknown&rt=HTML5&auth=2273cf3943d7ca6589630481650d1daa&vinst=t&env=site&s=H4sIAAAAAAAAAAEAAf_--qsPUUKnc6Y_hw3tfEefbwFwXa6yB3QPHNeNHG75ferHEUnJUDg7IFZbneGFO4UwvlINT2kJThiI0ZsScriAi2zhYU3HOagF_6IsrblJnC3ElWPntpR_zG23RNdwlQ_82yU334VlfMjJCPFL_dEdlAxoYOJ_57shZNEVOAWFGesNgvf6kHfzGm4pyF9ldFx_UdFa8IIpd57a4dN9DL5h5SDsZPNn7-ZOfMk40l9yqL4NLSnLpoEXtJYmG5vw-8W779h-UOoLHS--jkIwxcRHc8t9jOVelRYcAS1h9J1N2Kh403isuufdkcNAIh4D0ZsMLRzvsiQQHL3m_T0Hii13xPLp2eoAAQAA&psId=Ob1VXBcfZdjnlVjOeJ7f&cpKey=EYu2HtoTu2cHw5R78E7n&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.bg3.co&astv=20220412&apv=B20201012
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 varnish
x-pt
P=369
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
APAC
content-length
85
x-served-by
cache-syd10151-SYD
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:28 UTC
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame 48C1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=2033177727147589838.3843878600110830905
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.64 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E796) /
Resource Hash
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 01:39:46 GMT
server
ECAcc (nwa/E796)
age
41252
etag
"1983306799"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4789
expires
Sat, 22 Oct 2022 19:35:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6FF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq6LRtckrs63Z0cyXDQz9mCJSw0W0ifS2wnnusrRoa98u0jvWMTgOrR6c8XthunxDo_rntBSAJ4MsumuLwPoj3rE0LMMm0cz6xN_lNDSulz5vitpNUmU6Xri76HZxcyP-CLHvWLmgPgDhrolhhsGErUc_vqsTDivLtdBzlOCz6PXeiPpnLcQAq5fLGtdreazs7lAZKuuzUNvZCgf8pUL5peJ-7dXhRzGSbmgXa8Kyk_1K90YJV8QcmCOjx1yFCy56NVnCNcFO0FriJFKwBIoGXYqeAKUB1w9q8LODjRWUtrZEcrURptn6LLZqI4SU&sai=AMfl-YTAvTq6qs92uKbrFZ772yuRRrfLSLnf-niidZAruVIIFhtgv23yl4lU3ZFoUBJlY7KOwRFjf6-4DF2IdeKb9jzqLvJ4-H8K0wnOXD34fy4VC-ozBtjljbRdVS5g55r_&sig=Cg0ArKJSzJBdVN_mwSAnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:35:28 GMT
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOukcUdl1JeA0pi8OEllITw&google_cver=1&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsA...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsADeqhtmXnNlCyicqbpVOipK4uzs5U6f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsADeqhtmXnNlCyicqbpVOipK4uzs5U6f1-4X0UeqlYz1qmk8D1WmUPjnqu
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 21 Oct 2022 19:35:29 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-ZLQuHzCg7WpT3WiPRFmsgCwrvwWuT1j_H5FhLtyut8vJXOT4sX6BkNZWAy11DLwWql_CacpY-el7yUqsADeqhtmXnNlCyicqbpVOipK4uzs5U6f1-4X0UeqlYz1qmk8D1WmUPjnqu
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:35:28 GMT
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAWIBK-OqkFRopPbvxkKm2g&google_cver=1&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRbF9VyyS8bSan079D...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2EB9873C83048939AA9FBD5914232D7&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2EB9873C83048939AA9FBD5914232D7&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRbF9VyyS8bSan079Dd6EhbKQqZ3QVfmv5oOr6EhGPG9b15skXOlNhiwZytPBA
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2EB9873C83048939AA9FBD5914232D7&google_push=AZmPxg-vT1So_knF38h8KYXRjTwE_Yyu89MOCCWu7H-rU-veNDFPegORYxO2a-y4lkkoCpYL6-6k4gYbHDn_QRbF9VyyS8bSan079Dd6EhbKQqZ3QVfmv5oOr6EhGPG9b15skXOlNhiwZytPBA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Oct 2022 19:35:29 GMT
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEK2Lag5QxWmQO1bfdPdZPfw&google_cver=1&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o98...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o983z_OzMumcDu5CmAzNXfnjFFDv5UpiVdcPx7WV9nUceSDPG-PA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o983z_OzMumcDu5CmAzNXfnjFFDv5UpiVdcPx7WV9nUceSDPG-PAuVg6yTdBtu2s-z5J&google_hm=urr56qSvQz6NzrO8prd8v4I
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8Okhbo2Yyhgc_HsPtUWm8uieXWIQ00nUpS25UXQ5hcilKQJ7jRVJ2oyr_lXX2h2DU46v84o983z_OzMumcDu5CmAzNXfnjFFDv5UpiVdcPx7WV9nUceSDPG-PAuVg6yTdBtu2s-z5J&google_hm=urr56qSvQz6NzrO8prd8v4I
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJnCRBo1f3jEBcONK0nwWRo&google_cver=1&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYg...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYgjakQM3k1dXK_9JL2DMQRmKFuWP0ORff5iJ3jn2ku7O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYgjakQM3k1dXK_9JL2DMQRmKFuWP0ORff5iJ3jn2ku7Oc3zPbgX8AGcZAWl7Dg&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9qr6mYHKvsW7dA0g_c1UXjWntWdCezbxNqZFkhT4P00wHpu_p-1C3isuD3kmnfSas1fWAapqtHu7mkYgjakQM3k1dXK_9JL2DMQRmKFuWP0ORff5iJ3jn2ku7Oc3zPbgX8AGcZAWl7Dg&google_hm=hmNS9H4B0XkU4MFgWw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6352F47E01D17914E0C1605BBLIS
date
Fri, 21 Oct 2022 19:35:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_cver=1&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8F...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJj7Djn_qTGqP4LaZPDDFdw&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8F...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB5LspOimMzpJKDeg&google_hm=cmxScGpsRVdwSUdVUVBUWlNDUDA=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg83Es5_KAX3WtdIhETKFJ8RFmFHS3AkNjlXw4a-tD619WA1jwuw7cJrovfpmzCStY4Wyj9Q7gNRDFs8FlR_oyW1vxliSEbbjnKtfmJw16B1cZjyCiOINbJXWHV64BB5LspOimMzpJKDeg&google_hm=cmxScGpsRVdwSUdVUVBUWlNDUDA=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
282
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBMlZLzAQvvpISfVHTuT2TU&google_cver=1&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g8...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kEoEJVJTS-NBAvTVnKfN-K310YI&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kEoEJVJTS-NBAvTVnKfN-K310YI&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g8wuZfPh-wFZdpoHwXx9Kjfm26BfX9tIIG-ibxdB_KxI3Sbg7YQfiehK8IveA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kEoEJVJTS-NBAvTVnKfN-K310YI&google_push=AZmPxg9e-Fcu0Sx_4cTpMrBRe-V494E2pgSsWg2L_PCXndBLKMfuaqUv_ydy4v_rsX5-GLCNrYuwzudQ7Itg7g8wuZfPh-wFZdpoHwXx9Kjfm26BfX9tIIG-ibxdB_KxI3Sbg7YQfiehK8IveA
Date
Fri, 21 Oct 2022 19:35:29 GMT
Connection
keep-alive
Content-Length
288
Content-Type
text/html; charset=utf-8
spacer.gif
an.yandex.ru/resource/ Frame 03EA
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJeCsCD_df9UBAt6lg04rOY?ext-param=AZmPxg_klYkewkr19q4eN7DcBTYLG4xbjPHF3sZqqS6iXRqwNg5K7OrtvNifIZRp-OMrtHgxPeqBccagIhiFGVyKfpLsPS_qnYBZBLkraAMf76rcEY5g4NlltWdt...
  • https://an.yandex.ru/mapuid/google/CAESEJeCsCD_df9UBAt6lg04rOY?redir-setuniq=1&ext-param=AZmPxg_klYkewkr19q4eN7DcBTYLG4xbjPHF3sZqqS6iXRqwNg5K7OrtvNifIZRp-OMrtHgxPeqBccagIhiFGVyKfpLsPS_qnYBZBLkraAMf...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJeCsCD_df9UBAt6lg04rOY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 06 Oct 2023 19:35:30 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 03EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6dFQwBe4SG_fj-HtO8cxtAd74G79Y3ABZafmZIoqawLFdz8mlDT_oqmhK-qaNwo_aF-HmTg
Requested by
Host: 4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 8E78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=746497570079959&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EC58 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 12:50:38 GMT
x-content-type-options
nosniff
age
456291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 12:50:38 GMT
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 6854 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0E64 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0E64 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0E64 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 16 Oct 2023 19:35:29 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0E64 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 16 Oct 2023 19:35:29 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 0E64 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Gtl0qfCRCK5SnmW-DGxnLt0v35RxdaiD_obtKED3W3xqLf69o53oujvG6cHuClwCsansUbWbwnfNfNxYosNEvzEib_iCRk2cNKPvOXawW4ixAak1SCqqTFSvoUwta58x63z4Ci0_SHg05tsRWeWl2mcrVDExEjx0-KO-A2zSA3T7yuj6T8EAhJWZpHSqETNjqV7d7JVWvu8ItfcXXThM79QvmQiNF94Q77IVHuoNdUPN8qj_kvWQT2RmsxJse2QUH-25jBJyiaEVYvk5G5GrVgsLJWoIJBUj6EgD8z_QCDabCibj7pco5DJL_fw9FVhJ0Rgj5Ua-y1CFxuFKGM48I5MxQAlzbcVWZrrpuokp7_YbY2Kr4aybDxEZFOSadmTQxQi4EnkdaPGypMfCuroYdmK8M98U5RnGrGOexQvMGXpP8qKX
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2003608
expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4BCB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HPU_cA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0E64 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
3188635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75dc6fc83d7a555d-SYD
expires
Wed, 11 Oct 2023 19:35:29 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 0E64 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 0E64 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 6854 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7Wv4sg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
animejs.js
static.criteo.net/animejs/ Frame 0E64 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
static.criteo.net/design/dt/39665/220428/ Frame 0E64 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/39665/220428/2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:51:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626aaa05-7332"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29490
expires
Mon, 16 Oct 2023 19:35:29 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=39665&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F39665%2F191118%2F27cc28017e0243f0b4a42882567130ea_logo_n_vertical.png&v=3&w=236&s=gyImudN-PISyWJF03NFUyGUp
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26643391
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5101
expires
Sat, 26 Aug 2023 04:32:01 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_365069_al&v=3&w=400&s=CIUAnSFq-8yMlQfXrVmxAPAo&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bdfe0e6d1a1df677c36d88f7d6b16828eb3b5e288f940761617ce96b32b6f856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6594
expires
Fri, 21 Oct 2022 19:35:29 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_60243555_C_0041_al&v=3&w=400&s=YkFIYTXXql_jd90RM85-3W4P&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
74d61144580d5aadf123c1e89fab1063ce5197a1a00af3798d3526a56f0b66e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18398
expires
Fri, 21 Oct 2022 19:35:29 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_210753_al&v=3&w=400&s=N-0eFnQujTzA_ph823BdqjD-&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b10288ffd4a63305211a25cee922aec7cb52e3b27b1a8cda9d12dff818d75ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10708
expires
Fri, 21 Oct 2022 19:35:29 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_535621_al&v=3&w=400&s=rFgs-oniE8XN3olo0azBsLBL&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6d922d9796792c6eaae90a015f4ff71ddefc3bf06f0acd9ceaae8c2dd5cdd56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5642
expires
Fri, 21 Oct 2022 19:35:29 GMT
img
pix.as.criteo.net/img/ Frame 0E64 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=39665&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_412545_al&v=3&w=400&s=Lw8WxNVi8m7Furt2h36yamBU&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d8bfaf509aa8d228db427b982894e920c816a6ae9e0c4297c9d303b53c93905e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10722
expires
Fri, 21 Oct 2022 19:35:29 GMT
all
csm.as.criteo.net/ Frame 0E64 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=owVA_MqSHJ8APN0_Kmzmtm_iePB8w-qAJnYhWga3buyEx8pQlRS699XI57FwMHfQDNeI75ymn3dMHmHoJxhnN1BeV9HMy0ZXax-odzd70MBm3wKj3RkG03gKzaxuiJXIpW4rhqiKwvcUFBQ3WzimaawXV_qpBlz274BJ0ngyx_u-eczucCCyMPjrxAR3Qe10NtVMsGhl7TarvmbB8_zotINtmv9FqkYCGFMg2gnI_i0BYgIGIvSnan4Yr7Q7iC5ZTTH_Izvwns1nRmxC&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0E64 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0E64 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Oct 2023 19:35:29 GMT
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?oz_pl=1&ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&_x=1
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=89500&si=833209&di=www.bg3.co&ac=723720&pc=2577838&ai=4118211376&dm=15&ti=2033177727147589838.3843878600110830905&ui=&cb=4432968218687010311&sr=11901&c2=3&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&md=DISPLAY&account_id=461428&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.acexedge.com/2/2.74.0/ Frame 48C1 		163 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/main.js
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=89500&si=833209&di=www.bg3.co&ac=723720&pc=2577838&ai=4118211376&dm=15&ti=2033177727147589838.3843878600110830905&ui=&cb=4432968218687010311&sr=11901&c2=3&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&md=DISPLAY&account_id=461428&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5875e955513dba34f16b8469e2472c9fecf4bf2d89e5f958646dd6e4e0cf4b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
52039
Expires
Mon, 29 Jun 2054 17:26:37 GMT
vevent
lax1-ib.adnxs.com/ Frame 6FF7 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&e=wqT_3QKNCugNBQAAAwDWAAUBCP7oy5oGELnq07qJ54ysNRgAKjYJexSuR-F6tD8RnMQgsHJosT8ZAAAAIIXrwT8hnA0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDjHkieAVC12_i3AVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8IaYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKN6lrqAmhodHRwczovL3d3dy5iZzMuY28vYS9oYWktanVuLXhpbi15aS1waS1zaGVuZy1jaGFuZy1xaS1iYW4tZmVpLXhpbmcteHVlLXl1YW4tamllLXllLXlvdS1nZS0BPXx0dS1wby5odG1sgAMAiAMBkAMAmAMXoAMBqgObBQrcBBF-9FUDcnRiLWxiLWV2ZW50LWFkY2xvdWQtcHJvZC11cy13ZXN0LTItdG0uZXZlcmVzdHRlY2gubmV0L3J0Yi9lLnBuZz9lPXdpbiZhaWQ9MjAzMzE3NzcyNzE0NzU4OTgzOC4zODQzODc4NjAwMTEwODMwOTA1JmNwPTI1Nzc4Mzgmc2xvdD0xJnhfcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZldHM9MTY2NjM4MDkyNjMzMyZ0ej1BbWVyaWNhJTJGTG9zX0FuZ2VsZXMmc291cmNlPWFwcG5leHVzJmZjPTMmZmNpPTEmY291bnRyeT1BVSZyZWdpb249TlNXJm1jPTQ4JmFwPTAmdXQ9MCZ2aXM9VU5LTk9XTiZzaXRlPU9iMVZYQmNmWmRqbmxWak9lSjdmJmJwPTgwMDAwJmN1cnI9VVNEJmV4cj0xLjAmZmlkPUk1R0x3Y1prQnFXZ2FPOUlJY081JmM9NDExODIxMTM3NiZjY3Vycj1VU0QmY3V4cj0xLjAmYT00NjE0MjgmY2E9NzIzNzIwJnN0PURJU1BMQVkmc2g9MTAwJnN3PTMwMCZyaWQ9MTg4Jm1wPTI0OSZwc2s9T2IxVlhCY2ZaZGpubFZqT2VKN2YmY2ZjPTAmY2ZjaT0wJmR1cj0tMSZjaXR5aWQ9NjEmbWV0cm9pZD0tMSZjb3VudHJ5aWQ9MTMmcG9zdGFsaWQ9LTEmZHVyYXRpb249MTAmdj0xJmF1dGg9SkFCb0hiRk9HM2hFRzFvbkc1ME9yUUJtVDUwJnhfcj05WDk5YWcaEzM4NDM4Nzg2MDAxMTA4MzA5MDUiCTM4NTc1NjU5NyoEMzkzOToUTi4yNTc3ODM4LjQxMTgyMTEzNzbAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjEzMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADaBAIIAeAEAfAEtdv4twGIBQGYBQCgBc6B-f7ti9ObHMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAABNAkB8EYQABgA4AYB8gYCCACABwGIBwCgBwGqBxRNRExFSWw0cUlkNUUyaE1jQ0gxNLoHDwgAEAAYACAAMAA4iAFAAMgHANIHDQkAABlNCNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=3dc46d1d374d53e0073c42d34589f71e303e0d2b&type=pv&jm=1003&px=236&py=60&bw=728&bh=90&sf=1&sid=2892681511577942555&vd=ct~0|rr~5&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:29 GMT
AN-X-Request-Uuid
d4a080b8-2913-46ce-afe1-c40444b44fc2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 19:35:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7ACF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=2672479170510720&bg=!5eal5qLNAAaaxvStusY7ACkAdvg8WkzEujmnbaQNJjURc7XLnrm2-8p1hWT124d55MaFtOJFuX8ZsgIAAAB0UgAAAARoAQcKANOm_e9P8JJ9_EvJOIGLgVT-Vh7-lP1vW6Z4nqgiVY8C1TtySp1X7A1pHrXXieVJzohtiDZZaZli9o3s_aQKYymvKWgAPnvlFWjmuUputekTU5ltDV1TVXVmcvZtqsLkzJUflWgW_XXPVBMrKvXx2EhbG3UL_C4ufsDdiry4WVkZLb0P082rtGNLAdLY76wuPxz4QvL5yi6bCStOQH5iTkVP8NhKDwd0evT3eZkBBfu3LbLBe-dykFHE0AanJVVx2-rjsB6Nyik94e8OvHwOhR-xSzSxmQKrqlh2yAQaEd2BXtFG5w6rhNyIKAyDi0mLAHY1FWCEHA7tr3e3hzMPzRM5LyxnJTm9fQcCfG_yHnyR7BcCe_oDW5T2RTXM9qbTJVUMOzy65DnKERF_SvcU-5tWEG5lfMqyYXNt5_ZeW0xhQNBE2yKMRduBs9NpqPx6VXLsfTTsGQ_iQfq31m9ic9JVFU4Iz7tgxLajJd-KwOQXQdIheFws5ujTdjUfF8j9GJHAmT7D_jBmCB7ZYSQ7IP6V60Ql28sWzM8OSLuL8rAA7aSrlQ9ripS6fMUmiwxiaMOuChphpLQqlaBKf0x0AxmNMOvaerpbfk-zRAWgfAQ86mm47BDCAYu4Vmv8xe-yxagOkzMyukN-0hMv1KGjN-VY23Wql8HXiCnZDwUtrCDk27Dw4PsEGF3Gxu96Am3Wus1jfUcGm0e3202RjZgugEE2Q4yjXg_jGGcVF1Fg7JkGug_8hcFFRomzLELGZh6b9P_bOv0c4gB0NgMT3SSgq9kMuQLgcrFTisCLXev_lmVYdDZo2N8dPRDLCLp1C4QqLRbT778DowN1ybeZU9bDTYw6AbLuWTHzZJ-BRWdD86WRJibYzHl7b63UvU4Q8-laFvQAvXp6yxcnEd9QGatLFJlkboz3LZ7GzXpb7aUodaHe2HpKtvptuK3EZUvu-Id3v_uMlmcscKz2_wJOuQbxtD1bBVl1TOd_CS4ckeMCXr8ZQ676yYXouqiQhf4l-AFj0SjfttYgH78uImICDG6U7j5Zs4sPQ4G1UjGc9wL2HaJZZ3UA7pwyqcIo21tfqAi7iBgMItnestGeAQz9q88bbS-2B5dBZzvwY4uj-BBx5V3C5tTc6apvk7erP5eApHx4H0sVloWha0AptuECoTN37uhvUpt95eJfRsXz1-ptpL3gY1s
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 5300 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 20:06:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FC56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=746497570079959&bg=!9_Sl9LDNAAaaxvStusY7ACkAdvg8Wq0tZrxtFl3csscUKDVRU8ffa4Osp-9ZwctCHtHqK24dkdqyJgIAAABdUgAAAANoAQcKAMLOd34KmZQpYlocSWc9fkcu4j463aA0B27sNFm0G3hsqSE2A6XfxMMPzkNcYAVGMhTXw1skB8_ky0Hhc-WrQbjrx7PQksuFzWfI6gjL1o8Hr4u3B_EXqipvQRWyn3AnTFIbnWvy7IFb1h9tZy3rX4Nrij0--nWiSpz4Qfy3kkQ-Yk5tAN71wHIVfQg2x3N9i0e-3njaASwPsl_lc8ohNVrbcOShl3CqPG4ek6ezlOyC-ApuHOsl5osbG_k-Llp7KgCKWJkCulujiPfvfhoRidaJlEcCGQvGPKnqmitXvl1978ncadW4_4dHutSKYUSs8vDF5LXJReXSOKA-dbF1IYOAgfl_yVCN7qtYjpnmJbj0uhOMcao5ttGpihZEmVuxeqhil7PEWv5u4fdonCWmEUAl96czXRFA_eXLY5P3I0-ZcXQfLLtH0kWHEnEQXttdLFsha5IXE0lU1nCCd1FoHGNYLrgZoNP2hPMUUyveR3P7asWuQtA1QiZZumL7CwkvQdrs7LyBI4K3quxvi8Y69FsbyB45_VSk29ut0nXk_HNhRWCTODDUb4vvjg1FDxUoQmYrUKLFMocJJ6DYwjSiBsPHh7rabvEOLIXxQP5obJusbdynl5pK5sefqoUJvBcQ6mt98NwuGpCKHDN6H4qpMriTDTHc89ehm_MT6cUjFI3_QK3H4nJj4xy4T3KVEpxjSbWZI88-6NS2NbI7Rinn6qT-Ufv83ysNnDZMIkcem_0HFRmWNTjPwCNaU2_cUuiFChXX-Tho8DDatq6vpZ84SDVzAbIyhioxNy4VYZ_XFj7vbeWCEcC7odhoGDCGF7iqVc5aSSdKytW_pW7W6SJoEVCr6x4vua_jF-Oibmi6-PulfdGJqhqkCcVG0gSmUE6PMMjmC4ohaiNLaofLyRqHFjv2xBy7akzC70CktIyWr50ppQyMPkOOqtzJfoq2ClnOxfe317SvBjpEZCPTt8tSSe9cGmD3z3UQflkFoXddE1xyVH4NsSzPj82_HoRIJOtKvRnGLdMByfy2NswnE6Nokqnp0YhJpb9Aea8VNRFn-qtuhpkHF_byaadPCyR2PvKyvMYQhqfmqLfSobuWkPoiAPn-tjtG1JsSKaCf2mOvVDiecvKgcMAFekegs6xuk6D1BPfjmb2xGJ6cT4StOOSU2NyGuRJRgVSzPFM9egzuRPe_
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6FF7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSELqg1UURHWSTovDH4Szh1KHkYJuZGDIPXCmr8uMmQ7Lit76BO4XKpJZOIInWsQQV6VMVZ51Ag7CRwC9dmRu7CLwBT0ZGVo8vSDd8M5CQfD38-myl&sig=Cg0ArKJSzN8kfW5uFp6EEAE&id=lidar2&mcvt=1000&p=60,236,150,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666380927674&rpt=999&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2750 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_froyrY_YCdYMDH_CiwCZTrmqcLQX1geMyFOrHPUvH9SD4H-0o49TTyfsW6_bfYLaMykxAUjgVGSKJponT_mdWG6K&sig=Cg0ArKJSzD1_KqE7B04GEAE&cid=CAASFeRogIFpgtwEo2Bj1fdj3o4or3Uf4g&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666380927706&rpt=1108&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vimp
statsf-tm.everesttech.net/stats/1/ Frame 48C1 		85 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/vimp?price=0.08&date=1666380927999&seller_id=11901&didtype=&sessId=2033177727147589838.3843878600110830905&mpKey=I5GLwcZkBqWgaO9IIcO5&bi=B0982Yz394Jy1ttN1CTWAIvGF-2Yo8UUq2jZLTb2k2Jda78KAGGuEfZEj3FUVzPu0Wa8yLuR8S7dO42jX4YW8icEZz5f4IdWsC_O8FKDKGlzT81L9Bahjc8YoRrAwLpnHCJynS6c_taNxSYQ-Pc6wioMIIU6FBKrQVAI-p2UhPmoOAPRcOt17Vyiud731ZCExpsqCPkRC1v0WE-h9xZLlBLhA5JirXXx93K0BzmqyVwSkM&did=&adKey=Ku5YY7p0QAmQhR3kr41g&conn=unknown&rt=HTML5&auth=2273cf3943d7ca6589630481650d1daa&vinst=t&env=site&s=H4sIAAAAAAAAAAEAAf_--qsPUUKnc6Y_hw3tfEefbwFwXa6yB3QPHNeNHG75ferHEUnJUDg7IFZbneGFO4UwvlINT2kJThiI0ZsScriAi2zhYU3HOagF_6IsrblJnC3ElWPntpR_zG23RNdwlQ_82yU334VlfMjJCPFL_dEdlAxoYOJ_57shZNEVOAWFGesNgvf6kHfzGm4pyF9ldFx_UdFa8IIpd57a4dN9DL5h5SDsZPNn7-ZOfMk40l9yqL4NLSnLpoEXtJYmG5vw-8W779h-UOoLHS--jkIwxcRHc8t9jOVelRYcAS1h9J1N2Kh403isuufdkcNAIh4D0ZsMLRzvsiQQHL3m_T0Hii13xPLp2eoAAQAA&psId=Ob1VXBcfZdjnlVjOeJ7f&cpKey=EYu2HtoTu2cHw5R78E7n&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.bg3.co&astv=20220412&apv=B20201012&w=728&h=90&pw=728&ph=90&vw=728&vh=90&vwbl=t&vver=20200211&vpct=100&ifr=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:35:30 GMT
via
1.1 varnish
x-pt
P=335
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
APAC
content-length
85
x-served-by
cache-syd10151-SYD
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:35:30 UTC
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 21 Oct 2022 19:35:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
301373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		335 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
432ef3d374bc323a6e057fa9b5395ba04b40ce35e6e73f5e2b19a8b73ea0c4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1190627
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
397f7dac2c15e7d7192987a1b3c1a97f86b6ec8cec850ad641b6979f99f1ad03

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:35:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 20 Nov 2022 19:35:30 GMT
/
onetag-sys.com/usync/ Frame 69CF 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1666380926195
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1A0E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 21 Oct 2022 19:35:30 GMT
ETag
"623de86a-cf34"
Expires
Sat, 22 Oct 2022 19:35:32 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
229593a4d77f8a17a2225bd1570da351b1c11d37672e14c4ee9c90d1ed7d9fa6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 21 Oct 2022 19:35:30 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 8796 		533 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
971ffed62cd33a6bbefdfbb85b9a68905b07a684adc033aa52d055d29e213fbe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Fri, 21 Oct 2022 19:35:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame FF91 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
853
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75dc6fce7ad9a801-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:30 GMT
expires
Fri, 21 Oct 2022 23:35:30 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame CA82 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-43.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
48283
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 06:10:49 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 c554699ee704a19f7545cb8005037198.cloudfront.net (CloudFront)
x-amz-cf-id
qa338ofEucI8eLdJoF8lTEZnQICIjIMYvugLfECeOhnk5mKYL6LTbg==
x-amz-cf-pop
CDG52-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 6117 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:35:30 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 1B05 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e9f8699ed460214761575f0c16079988bfc7cdbaff9dd35c2b6ba22b7b4cce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11833
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:30 GMT
expires
Sun, 23 Oct 2022 19:35:30 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=35547a94-3441-442f-9002-2b0d5ff75255&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8e30d2f-61ec-4802-a103-57a098722b8a&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524560487958652797&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e6dd36e3-0a67-4488-b839-23f315d550e5&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524560487958652797&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208840804311005467984&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524560487958652797&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&us_privacy=
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 21 Oct 2022 19:35:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D35547a94-3441-442f-9002-2b0d5ff75255&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dappnexus%26cbx%3DaH...
  • https://prebid.a-mo.net/cchain/0/5?gdpr=0&gdpr_consent=&us_privacy=1---&A=35547a94-3441-442f-9002-2b0d5ff75255&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zNTU0N2E5NC0zNDQxLTQ0MmYtOTAwMi0yYjBkNWZmNzUyNTU%253D%26uid%3D%24UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
209.191.163.210 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:31 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zNTU0N2E5NC0zNDQxLTQ0MmYtOTAwMi0yYjBkNWZmNzUyNTU%253D%26uid%3D%24UID
date
Fri, 21 Oct 2022 19:35:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=35547a94-3441-442f-9002-2b0d5ff75255
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:29 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:35:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?oz_pl=1&ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&_x=1
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=89500&si=833209&di=www.bg3.co&ac=723720&pc=2577838&ai=4118211376&dm=15&ti=2033177727147589838.3843878600110830905&ui=&cb=4432968218687010311&sr=11901&c2=3&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&md=DISPLAY&account_id=461428&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&sid=AZY6VocQDAJ1Vzw4&oz_sc=570da8e090e2e02975a217b9&oz_df=1666380930101&oz_l=220&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.74.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4
https://www.bg3.co/ Frame 3EA3 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
sd
us-u.openx.net/w/1.0/ Frame 8796
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 8796
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=18e01040-c1b4-4d65-84d0-2effa943fb60&ttd_puid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=18e01040-c1b4-4d65-84d0-2effa943fb60&ttd_puid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=18e01040-c1b4-4d65-84d0-2effa943fb60&ttd_puid=43645594-18bd-7c0c-f28f-f20a69080af1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 8796
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1L0gsCo8XUAACBNFRYAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1L0gsCo8XUAACBNFRYAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
8
Date
Fri, 21 Oct 2022 19:35:30 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":8,"gdpr":false,"ipv4":"173.245.209.130","key":"Y1L0gsCo8XUAACBNFRYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40206"}
X-SO-Key
Y1L0gsCo8XUAACBNFRYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40206
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1L0gsCo8XUAACBNFRYAAAAA
Cache-Control
private
X-SO-HostName
a-ad40206.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-IP
173.245.209.130
sd
jp-u.openx.net/w/1.0/ Frame 8796
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeHgfJsAJnPwks8ADwG0sGvldc8AAAGD_AsgEg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeHgfJsAJnPwks8ADwG0sGvldc8AAAGD_AsgEg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
via
1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeHgfJsAJnPwks8ADwG0sGvldc8AAAGD_AsgEg
cache-control
no-cache
content-length
0
x-amz-cf-id
Z5I30KPu8oa8nRePHY6vLdkyflLWHs5DE09FpdgI8yJ904hGcyiKAA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8796 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmYwYjg2NWUtZDFjYS0yMmE4LWU3NmYtYThiM2EzZWFjNDkx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8796
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrccFFGgq5nZGGbv0GKxFA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrccFFGgq5nZGGbv0GKxFA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrccFFGgq5nZGGbv0GKxFA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 0E64 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=owVA_MqSHJ8APN0_Kmzmtm_iePB8w-qAJnYhWga3buyEx8pQlRS699XI57FwMHfQDNeI75ymn3dMHmHoJxhnN1BeV9HMy0ZXax-odzd70MBm3wKj3RkG03gKzaxuiJXIpW4rhqiKwvcUFBQ3WzimaawXV_qpBlz274BJ0ngyx_u-eczucCCyMPjrxAR3Qe10NtVMsGhl7TarvmbB8_zotINtmv9FqkYCGFMg2gnI_i0BYgIGIvSnan4Yr7Q7iC5ZTTH_Izvwns1nRmxC&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1L0fwAC6ugDgwEMAApQ1jR685-xTgtrtLud2w&u=%7CofVbK1XmZRbPu%2FhZt%2FV3fq8L%2B8opEzGA0RmCmiEnt%2B0%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cqCrmCt---Av6Kjbuz6oDarG3WZ1PjBDpweLK-UsMlDvClDVsbgNGYem2l2F_Zskv2jxgp958pnROz25-dhZto5ES6GUwDdN1NN468diB8wZkUxgu4NZJv0jhS5zWR-jifqd_h4qubI-aNOCkx8vJ8jDe8NZeskPl1Vzt878HaV_cxKr37z9foYp8GTUczxfiGnpa18Vrb0YjPHOEu4u31-h4gjGIM1kei-gMEI1B9fOtTq2pyfOcxX3QK8Cha2n2RBRW_nIelCNVqv_O4LxsYoMA3tlMnJJtL0Eqpp8_ET-G6WtcoQRLp2hwab92Nksh44X41vzVkb_Co8sNaVsBq_zWmd1WNB6dLFZzgQzoCbclDA-K-KhO05MTBbCYOVdK5bCnBImlbV_E1QYVyBxNZ3BXpXGMcxP_H3HacJBXgmyTZOGccHkPGm45G7OGQMmVFxZQAgY3I1EXkftfu-bJKJULQca4dI2a48XmYtEntGlT16FpvR0GqJJOC5L4idxo2osmqwlbdv7YQ1swa3N7Jqg_mTJX9n7tkAF_u6qYl8IlNjZ3ZNx92RTH7M5mtdkJprgyovPWCLg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCED5Of_RSY-jVC4yCjMwP1qGpgAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJAHLB2MyylPuACAKgDAaoEzgJP0FQDYputrVq4mBZC85-yElHjyZS2Jg_7LUTvNGHz-3e9_X4AvWIcWcJ3q-pUyk_FZVRdqw9dTIk_uop2frxQBb8_eNeQaa5uI2LtPq6G1hn684b6CvwKVFmGPHn7xcEa_YbonbbK3OLxSPPjI0YNcKMvkOQqfjwHOH9FNeKXo8RYxlMGNUbpWVqruBJibqFt8AF_TgXmqnLQLEAlES7u22sviP_I3arpqvn0qvyQu97lMsk2h0gdrkLIcjH4tnb7i6c8m-Hesp10qUtZ6h8lxeG8AmerimzhAjWGi1pgwc8lk6dHjERr0V0MKRsA8EsEwztjmVyoUGzoBkxzVUkZEUe_uQUSMhJkrYvoi954WJ_sZdrM5u7XU7k-o_lKoJCNpPtyx7w58l2Vq3sbwbNjigiO_KpWPiHzMOCzeRPO9_B-S3v12Z96l_bF_XVl4AQBgAbumczxoPKew5QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09LmVbMVdAq-eVz3MUJsrAaekHTw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Oct 2022 19:35:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 647C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c3b890c117f1c6daf08c5acb2460f8bc1de83f9dec7e869c9ecfa7de415436

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc6fd09bb4aaef-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:35:30 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame EC58 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn4c3RJOlcwCr0W3U7wV5dfDlfl5bjq4TODHVuJy4zWYY-NyUNK42NiwYIwUV1NerINt5aelyp9SOiZzhVyb3kYFxKZmMkHAak6mnLIbd_5LxrvkWsGhW_l6BJZbI5_AaID3QDLiT2WENB8-xPgh3OJ759_gSv0tCfT5du6FZ9pAejxmGF3v0jInYjBVXDDlziPjx1uj0ACdRnnizXePglVuy9xrm2-94H2fNzBdysmUL4UPDi9Gq7JDQa09dJmx7yPy9SB3ElmA7qssGs-WvNAkOogKzGB1C_lQ4cRUKg15IisF8V5sLl7M8sALxCSv5JRSTbF-c-zLiRrGpbAHFtOrI30bkx0sMNKX1eYMceYThn5W0uvC2PBrBmmz6S_p_oWEedac8vBXk4ixL1OGZ-lD-IxSpfMM1Y2AeXQ-9lF2XD4sKKaCakrRtbJLuVYd3Zs3FA59MBl9i2uCfeNkfkgvX3Gqz81eVBGgYR5P_Z6bzSXW_0rhM-4iwq8twya7kZYxcFDGHSTavxZHeEJPVskiehdGcsoMFEZcDWqitlUaTAiqBXrLIuUN7ZjG-3Izyei6VEMqHGhVi8l_vvElqPq1odG3z0B0cj_WAfgK9642Lhxp2IHTyUQJw7DyY9s-qqoabzAg12I78k69MNkMjgJ1QJ3yunE-AR6_Yu_4sPVfVrXCyCMsv3jIlQfILZ9-hZZOQATOiNglSOKfzO_cSSq9x1CQZFks0cprAQUxwCJpM90kUbdZoGcNh4xxw5yhpIozeRr66Zhbqvu_Dt5yRu8XRv7cc1YZlIX6K8JjYydPg9o3DSsvFqjGYoodMMO9QsUVCVTH3oIdo1NTFNXMPHKlwwdT0prVH_LIRoc0yd3daRdD4PU56krIt6Z5SsqYcpS2c7hUEOC63uMUTOCcfBERTap6M0x4AMKXgk5UC526L00XVXZTeCzxQ6ILw0-uftHK4sLVhwKO0XTXhF8d2kubPFJ5i6cY71nSQQdMq3t6eR_-V5hEvumpVONxBpfBnqTbYi1lV7MzdTpgmubD0A85eu-PU2oNg-mO9SPHeLQOf2oY8Nh0qIiY-v_KQtcXRWaMblIitAt_UnkmKIka6s6WpdF5W6E_kJ2_RjNRlahDtdAOnop5mPZHJw-Le-EZ33kWb1Up1Mjjr9M1fn4684Ir_sZgX-Xhs_Fd2Ti8hxDt2bLpvETunTA-LuTKbwxgsbwBX6TT9r6v7asIONJfgnYxv-NFmrYdR5dqi1wS7X1Hkxyuh5PvbhrMetUZ4kolvvLLQrCSO0WyNq8k8JHMbsADSjZy1uq7c-qsnh4B6Hfzmje0NaoSHI4as4DHgGf5Ed0ufoSrJqwVSH3J4t_yTfpmrmyfLH02yd4A&sai=AMfl-YTDngSvj4o7vUslaPYfGO4YDH3Kyfoaql5s8a7_lwJkGBjbXdOFMPjS1tbJBxBZQeTlcJd6lEH0AEx9lq69wMP9CisLHFPmR2uVPF3NXCfO-9s4Ho2ueo-mqnmZ3ZitC2OT14W-8_M06fg&sig=Cg0ArKJSzJrUYqnH7kLbEAE&cid=CAQSOwDq26N9an9sLa9IdXpRgzeOlSS34DTtENQD4yGJH65o10pSS5bIPgdw5zemAmtep7bcbnJxtijx-Yh6GAEgDg&id=lidar2&mcvt=1006&p=1110,436,1200,1164&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666380927701&rpt=1939&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&sid=AZY6VocQDAJ1Vzw4&oz_sc=570da8e090e2e02975a217b9&oz_df=1666380930656&oz_l=6693&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.74.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
e8de32ad-9784-446e-87ab-c7fea635841a
https://www.bg3.co/ Frame 48C1 		787 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/e8de32ad-9784-446e-87ab-c7fea635841a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afffebb4ed94399b92676dae5e14a2ab78f32eecf05c101bede2883b45291d53

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
787
xuid
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=18e01040-c1b4-4d65-84d0-2effa943fb60&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=18e01040-c1b4-4d65-84d0-2effa943fb60&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:35:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=18e01040-c1b4-4d65-84d0-2effa943fb60&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOf8Qxehqd4omb6UFJ1NnUQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOf8Qxehqd4omb6UFJ1NnUQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOf8Qxehqd4omb6UFJ1NnUQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 23EB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTEwMzg0OTYzNzQ3NzUxMTU5MDI4Ng%3D%3D
date
Fri, 21 Oct 2022 19:35:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 23EB
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1103849637477511590286&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1103849637477511590286&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1&_expected_cookie=246249e...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1&_expected_cookie=246249ede5fb092356201cc70cbf4e61
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Fri, 21 Oct 2022 19:35:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75dc6fd7b8e0aac9-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb&_noobservation=1&_expected_cookie=246249ede5fb092356201cc70cbf4e61
date
Fri, 21 Oct 2022 19:35:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75dc6fd67833aac9-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1103849637477511590286&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f3e7e15b-a54b-4eeb-9c9c-28c584368c9a&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8e30d2f-61ec-4802-a103-57a098722b8a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=e8e30d2f-61ec-4802-a103-57a098722b8a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=e8e30d2f-61ec-4802-a103-57a098722b8a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 21 Oct 2022 19:35:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1103849637477511590286?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-K.0ZxzJE2oSsstXM_e_lFyHMrgbBa8kxOlmdIKtr4A--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-K.0ZxzJE2oSsstXM_e_lFyHMrgbBa8kxOlmdIKtr4A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-K.0ZxzJE2oSsstXM_e_lFyHMrgbBa8kxOlmdIKtr4A--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 23EB
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1103849637477511590286
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1103849637477511590286&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1103849637477511590286&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GW0R5CP68S9C79E9KZNM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1103849637477511590286&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 23EB 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1103849637477511590286&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ACD52C3719FF48D6B12AE5A372762E57 Ref B: SYD03EDGE1416 Ref C: 2022-10-21T19:35:31Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 23EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OJWFE4DKNRCVO...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=rlRpjlEWpIGUQPTZSCP0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=rlRpjlEWpIGUQPTZSCP0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=rlRpjlEWpIGUQPTZSCP0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 647C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=18e01040-c1b4-4d65-84d0-2effa943fb60&expiration=1668972930&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=18e01040-c1b4-4d65-84d0-2effa943fb60&expiration=1668972930&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=18e01040-c1b4-4d65-84d0-2effa943fb60&expiration=1668972930&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 647C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75dc6fd3ee14dfb3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 647C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3CYANT7J9RCGGMBRR71R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4RC5VFPMHRDPP2D000GQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 647C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.172.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-172-143.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 647C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvH07GpekAACJP-GsyHg&expiration=1667590531
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvH07GpekAACJP-GsyHg&expiration=1667590531
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvH07GpekAACJP-GsyHg&expiration=1667590531
Date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 647C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1L0fwAAAMvh4wAK
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1L0fwAAAMvh4wAK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10151-SYD
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666380931.889907,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1L0fwAAAMvh4wAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 647C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=B-wsdFfrLiAc5n8gAes0fwHqeyAcvCAkCO_07lyx
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=B-wsdFfrLiAc5n8gAes0fwHqeyAcvCAkCO_07lyx
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=B-wsdFfrLiAc5n8gAes0fwHqeyAcvCAkCO_07lyx
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 647C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
54.148.107.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0fa47c67c.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ahfMuGZ/TTg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v040-01d3be116.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XeuquPB8QW4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 647C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1L0firY8LwSZ3dE2ufZVAAA%264686
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
75912
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75dc6fd36ea2a81a-SYD
content-length
43
expires
Sat, 22 Oct 2022 19:35:31 GMT
async_usersync
ib.adnxs.com/ Frame 1A0E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
AN-X-Request-Uuid
4ebc447d-6994-48be-a9b0-7208adf168bc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&sid=AZY6VocQDAJ1Vzw4&oz_sc=570da8e090e2e02975a217b9&oz_df=1666380930880&oz_l=8770&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.74.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sync
gum.criteo.com/ Frame 1B05 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
483188
expires
60
usync.html
eus.rubiconproject.com/ Frame 497B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:35:31 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Oct 2022 19:35:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame D705
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Drkt%26refUrl%3D%26vid%3D638093093130938252768322040...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=rkt&refUrl=&vid=63809309313093825276832204000V10&ovsid=1976306189845025023
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=rkt&refUrl=&vid=63809309313093825276832204000V10&ovsid=1976306189845025023
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 21 Oct 2022 19:35:31 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=rkt&refUrl=&vid=63809309313093825276832204000V10&ovsid=1976306189845025023
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 082E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113588
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 03:08:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dapx%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=apx&refUrl=&vid=63809309313093825276832204000V10&ovsid=7501827152657204586
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=apx&refUrl=&vid=63809309313093825276832204000V10&ovsid=7501827152657204586
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:31 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
AN-X-Request-Uuid
ea635706-57d2-466e-9e27-c3b41cffb873
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=apx&refUrl=&vid=63809309313093825276832204000V10&ovsid=7501827152657204586
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3093825276832204...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=opx&refUrl=&vid=63809309313093825276832204000V10&ovsid=8b483c0b-b3bd-46ec-91c0-8c64dbe7982d
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=opx&refUrl=&vid=63809309313093825276832204000V10&ovsid=8b483c0b-b3bd-46ec-91c0-8c64dbe7982d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:31 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:31 GMT

Redirect headers

date
Fri, 21 Oct 2022 19:35:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3093825276832204000V10&type=opx&refUrl=&vid=63809309313093825276832204000V10&ovsid=8b483c0b-b3bd-46ec-91c0-8c64dbe7982d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dmma%26refUrl%3D%26vid%3D638093093130938252768322...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=mma&refUrl=&vid=63809309313093825276832204000V10&ovsid=c2dc6352-f481-4700-a9d3-3ff400100b3b
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=mma&refUrl=&vid=63809309313093825276832204000V10&ovsid=c2dc6352-f481-4700-a9d3-3ff400100b3b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:31 GMT

Redirect headers

Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=mma&refUrl=&vid=63809309313093825276832204000V10&ovsid=c2dc6352-f481-4700-a9d3-3ff400100b3b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:35:30 GMT
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1510323250
  • https://sync.1rx.io/usersync/tradedesk/18e01040-c1b4-4d65-84d0-2effa943fb60
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:32 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa8b9b933ce2c46f4ac41fa365bd7ab5c004
content-type
text/html
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Ddxu%26refUrl%3D%26vid%3D63809309313093825276832...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=dxu&refUrl=&vid=63809309313093825276832204000V10&ovsid=KllpDhQH1OLXNL5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=dxu&refUrl=&vid=63809309313093825276832204000V10&ovsid=KllpDhQH1OLXNL5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:31 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:30 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0e7176c532edf503a@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=dxu&refUrl=&vid=63809309313093825276832204000V10&ovsid=KllpDhQH1OLXNL5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 1B05 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
242509
expires
Fri, 21 Oct 2022 00:00:00 GMT
bidswitch
event.clientgear.com/gogocookie/ Frame 1B05
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
47.252.78.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a
date
Fri, 21 Oct 2022 19:35:32 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dzem%26refUrl%3D%26vid%3D63809309313093825276832204...
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLSNRJHA2TMIVLXASKHKVIVAVC2KNBVA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=rlRpjlEWpIGUQPTZSCP0&refUrl=&type=zem&vid=63809309313093825276832204000V10&vsid=3093825276832204000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=rlRpjlEWpIGUQPTZSCP0&refUrl=&type=zem&vid=63809309313093825276832204000V10&vsid=3093825276832204000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:32 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=rlRpjlEWpIGUQPTZSCP0&refUrl=&type=zem&vid=63809309313093825276832204000V10&vsid=3093825276832204000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1B05
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3093825276832204000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3093825276832204000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=12139009-7b06-47ad-9e17-46e42eaf44f9&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=12139009-7b06-47ad-9e17-46e42eaf44f9&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:33 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=12139009-7b06-47ad-9e17-46e42eaf44f9&cs=1
Date
Fri, 21 Oct 2022 19:35:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 1B05 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Demx%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 1B05
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=18e01040-c1b4-4d65-84d0-2effa943fb60
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=18e01040-c1b4-4d65-84d0-2effa943fb60
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 21 Oct 2022 19:35:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=18e01040-c1b4-4d65-84d0-2effa943fb60
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
usync.js
eus.rubiconproject.com/ Frame 6117 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21102
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 01:27:13 GMT
postback
s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/ Frame 48C1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.74.0/tm75/AZY6VocQDAJ1Vzw4/postback?ac=723720&pc=2577838&ai=4118211376&dm=15&cb=4432968218687010311&c2=3&ci=tm75&di=www.bg3.co&si=833209&ti=2033177727147589838.3843878600110830905&r6=c1fecd6e4d9bf169bf4d89f8acccee5d&dt=2926111444050714666007&ap=&pp=89500&sr=11901&md=DISPLAY&account_id=461428&ui=&sid=AZY6VocQDAJ1Vzw4&oz_sc=570da8e090e2e02975a217b9&oz_df=1666380931141&oz_l=985&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.74.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.0.26.188 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-26-188.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Oct 2022 19:35:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 295F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113588
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 03:08:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 9009 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.151.12 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
54321d1899ee7921dfc4f3f4b89751295f9089a080007f009081478a3413b23a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
etag
W/"027b2103d3d55f124a7a9ab4249b6cd28"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame BCB9 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D97C 		566 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
104ab4adfb4098c24c15cd9110b67074fe37ca7cb7407c352faa564fc384977e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
566
content-type
text/html
date
Fri, 21 Oct 2022 19:35:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B03F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4129386a8f5495ea4feea76fd73a07f0bb79bdabe8249fb3478d88d9d0e412

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc6fd49e84dfb3-SYD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:35:31 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2E7C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:35:31 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Oct 2022 19:35:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C6C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113588
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 03:08:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
setuid
x.yieldlift.com/ Frame CA82
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1YN-
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
138.197.50.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9IW6FUB-20-2PMU&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7501827152657204586
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7501827152657204586
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
AN-X-Request-Uuid
96a8a885-09b8-4784-9e14-b7030aa1d973
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=7501827152657204586
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FhQXCRZHLgQHpK1sSwOYRtmy
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FhQXCRZHLgQHpK1sSwOYRtmy
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FhQXCRZHLgQHpK1sSwOYRtmy
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FhQXELZHNPf978mLShyWL_ks
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FhQXELZHNPf978mLShyWL_ks
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 21 Oct 2022 19:35:32 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FhQXELZHNPf978mLShyWL_ks
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=05451b47-381e-4905-82a7-82f375d37a41
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=05451b47-381e-4905-82a7-82f375d37a41
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=314&uid=05451b47-381e-4905-82a7-82f375d37a41
date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
vary
Origin
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame CA82
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666380931441
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3990119685
  • https://sync.1rx.io/usersync/tradedesk/18e01040-c1b4-4d65-84d0-2effa943fb60
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:32 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=r1&refUrl=&vid=63809309313093825276832204000V10&ovsid=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa8b9b933ce2c46f4ac41fa365bd7ab5c004
content-type
text/html
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=2018245962786263650
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=2018245962786263650
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=2018245962786263650
Date
Fri, 21 Oct 2022 19:35:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=df706057-6329-4283-b6f7-4050a7e3cd51
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=df706057-6329-4283-b6f7-4050a7e3cd51
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-78
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=df706057-6329-4283-b6f7-4050a7e3cd51
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
3375
prebid.a-mo.net/cchain/1/ Frame CA82
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3375%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-b07ac557-c0e1-3731-a38b-3b3cfcfb4955&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FhQXCRZHLgQHpK1sSwOYRtmy&r=Cid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2dkcHI9MCZnZH...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYj...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=20df790f-4995-4e4f-ab36-7295cf1a8301&r=Cid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUq7AFodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMS8zMzc1P2...
  • https://prebid.a-mo.net/cchain/1/3375?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=35547a94-3441-442f-9002-2b0d5ff75255&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=...
0
0
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame CA82
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iMDdhYzU1Ny1jMGUxLTM3MzEtYTM4Yi0zYjNjZmNmYjQ5NTUqU2h0dHBzOi8vYWRz...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5034%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D35547a94-3441-442f-9002-2b0d5ff75...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5034%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTURkaFl6VTFOeTFqTUdVeExUTTNNekV0WVRNNFlpMHpZak5qWm1ObVlqUTVOVFVxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqQTNZV00xTlRjdFl6QmxNUzB6TnpNeExXRXpPR0l0TTJJelkyWmpabUkwT1RVMU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.6.253 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:34 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5034%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D35547a94-3441-442f-9002-2b0d5ff75255%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTURkaFl6VTFOeTFqTUdVeExUTTNNekV0WVRNNFlpMHpZak5qWm1ObVlqUTVOVFVxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqQTNZV00xTlRjdFl6QmxNUzB6TnpNeExXRXpPR0l0TTJJelkyWmpabUkwT1RVMU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame CA82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-c5fyyUdE2uEOxIbgqdveLPIxgfn3Pl14hvZy53I-~A
date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6117
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzgwNjQxZTQwMzk4MWU3ZmI4ODIxMWVhNjAyOWE0YTAwNWEwMDQ4OA
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzgwNjQxZTQwMzk4MWU3ZmI4ODIxMWVhNjAyOWE0YTAwNWEwMDQ4OA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzgwNjQxZTQwMzk4MWU3ZmI4ODIxMWVhNjAyOWE0YTAwNWEwMDQ4OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6117
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IW6FUB-20-2PMU
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IW6FUB-20-2PMU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C81D3439964241A5924E6A4ED770D993 Ref B: SYD03EDGE1617 Ref C: 2022-10-21T19:35:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrkIuH18k9bzvVMO4AbQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IW6FUB-20-2PMU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6117
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=18e01040-c1b4-4d65-84d0-2effa943fb60&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=18e01040-c1b4-4d65-84d0-2effa943fb60&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=18e01040-c1b4-4d65-84d0-2effa943fb60&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 6117
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DfCxBu6QTsGUk3OAgplEqg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DfCxBu6QTsGUk3OAgplEqg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DfCxBu6QTsGUk3OAgplEqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JN02SA36TT530FYACQ2G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DfCxBu6QTsGUk3OAgplEqg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6117
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVzZGVUItMjAtMlBNVQ==
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVzZGVUItMjAtMlBNVQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H3
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVzZGVUItMjAtMlBNVQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6117
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChKtZHZaYkJy7P2Wgjs05g&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChKtZHZaYkJy7P2Wgjs05g&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEChKtZHZaYkJy7P2Wgjs05g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6117
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fWIbB3ZiRpCdwEBAWlyIl8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5263484574989854185
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5263484574989854185
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5263484574989854185
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6117
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CaBfaWD2RxivxA6KJY0rZA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CaBfaWD2RxivxA6KJY0rZA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CaBfaWD2RxivxA6KJY0rZA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
HTTP/1.1
Server
54.239.38.253 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
02CYF8CZBGS6GBFW1PRS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=CaBfaWD2RxivxA6KJY0rZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame D97C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4154198403221592019&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bidder
cs.chocolateplatform.com/sync/ Frame D97C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250804&expires=5
  • https://cs.chocolateplatform.com/sync/bidder?advid=2008&bcid=e8e30d2f-61ec-4802-a103-57a098722b8a
0
0
/
rtb-csync.smartadserver.com/redir/ Frame D97C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=c50f71fb-bfb6-4703-bfcb-c715dac86373&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=c50f71fb-bfb6-4703-bfcb-c715dac86373&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=c50f71fb-bfb6-4703-bfcb-c715dac86373&gdpr=0
date
Fri, 21 Oct 2022 19:35:32 GMT
content-length
0
get
uipglob.semasio.net/id5/1/ Frame D97C
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO8DMmDL84h49eWx_ZFSD7zcveHOZoiqh8g21Mtg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=4154198403221592019&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/7/3.gif?puid=4043691463762702402&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=18e01040-c1b4-4d65-84d0-2effa943fb60&ttl=%%TTL%%
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
/
csync.loopme.me/ Frame D97C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
server
_
PugMaster
image6.pubmatic.com/AdServer/ Frame 082E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32268721&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4c47304b8bcbf0e2ec4f8bb937754a34a02bd5554f83f74e500c5df47f0dc313

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame B03F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7501827152657204586
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7501827152657204586
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
AN-X-Request-Uuid
655adee5-9ff7-4a90-a1bd-6e961cb01e27
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7501827152657204586
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B03F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2dc6352-f481-4700-a9d3-3ff400100b3b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2dc6352-f481-4700-a9d3-3ff400100b3b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2dc6352-f481-4700-a9d3-3ff400100b3b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:35:30 GMT
Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B03F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.74.172.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-172-143.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
date
Fri, 21 Oct 2022 19:35:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame B03F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8843692322208152390
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8843692322208152390
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8843692322208152390
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B03F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
74WY27KGQHAP3MCVAK9B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YCFZ8Y2V83R75ZDBH8ZZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B03F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75dc6fd83977dfb3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL5G5H_bZHXIgbcwuAeoCuE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B03F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KllpDhQH1OLXNL5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KllpDhQH1OLXNL5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-00a1d164ccc6a2581@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KllpDhQH1OLXNL5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame B03F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=86ec32fa-56a3-84cd-1ee71360
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=86ec32fa-56a3-84cd-1ee71360
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 21 Oct 2022 19:35:32 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=86ec32fa-56a3-84cd-1ee71360
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ads.servenobid.com/ Frame B03F 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y1L0firY8LwSZ3dE2ufZVAAAEk4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:31 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame 1A0E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
AN-X-Request-Uuid
529f2baf-fca7-4567-9a32-156922b7e40b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame F3E1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 21 Oct 2022 19:35:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 21 Oct 2022 19:35:33 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 81DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:32 GMT
Expires
Fri, 21 Oct 2022 19:35:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x8 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
1 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10151-SYD
x-timer
S1666380932.127322,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 2049
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xiolsqy0zzz
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xiolsqy0zzz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xiolsqy0zzz
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 2088
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H51zzE-acZgElyCYGZprxxmbJJgEzX-cEJ56tnap
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H51zzE-acZgElyCYGZprxxmbJJgEzX-cEJ56tnap
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H51zzE-acZgElyCYGZprxxmbJJgEzX-cEJ56tnap
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame B078
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7501827152657204586&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7501827152657204586&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
bd9723cb-5a80-402f-aeb4-aec9f1626649
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Oct 2022 19:35:32 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7501827152657204586&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync.aspx
dis.criteo.com/dis/ Frame 65EE 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:31 GMT
expires
Fri, 21 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
285835
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0E64
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kEoEJVJTS-NBAvTVnKfN-K310YI
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kEoEJVJTS-NBAvTVnKfN-K310YI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Oct 2022 19:35:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kEoEJVJTS-NBAvTVnKfN-K310YI
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 49B8 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:32 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame DB04
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=UoafA6vpA5KnzS7HhPRSYw
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=UoafA6vpA5KnzS7HhPRSYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=UoafA6vpA5KnzS7HhPRSYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame F578
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=babaf9eaa4af433e8dceb3bca6b77cbf
42 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=babaf9eaa4af433e8dceb3bca6b77cbf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 21 Oct 2022 19:35:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=babaf9eaa4af433e8dceb3bca6b77cbf
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 2649 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.122.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Fri, 21 Oct 2022 19:35:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FA2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KllpDhQH1OLXNL5&gdpr=0&gdpr_consent=
42 B
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KllpDhQH1OLXNL5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:35:31 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KllpDhQH1OLXNL5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-00a1d164ccc6a2581@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B461
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=870b7612-5177-11ed-ae01-54a68b330875
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=870b7612-5177-11ed-ae01-54a68b330875
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=870b7612-5177-11ed-ae01-54a68b330875
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
usersync
usersync.gumgum.com/ Frame B2F4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004&rndcb=8191113242
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a&google_hm=ZThlMzBkMmYtNjFlYy00ODAyLWExMDMtNTdhMDk4NzIy...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJmz9-BvqxHbnWDEwD4esbk&google_cver=1&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a
  • https://sync.1rx.io/usersync/bidswitch/e8e30d2f-61ec-4802-a103-57a098722b8a?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-type
text/html
date
Fri, 21 Oct 2022 19:35:33 GMT
etag
RXa8b9b933ce2c46f4ac41fa365bd7ab5c004
location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B16F
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ce7d40a3-0357-428b-b4d3-1d0b87ad79e1-tucta4c7a04&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ce7d40a3-0357-428b-b4d3-1d0b87ad79e1-tucta4c7a04&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10124-SYD
x-timer
S1666380933.538666,VS0,VE129

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ce7d40a3-0357-428b-b4d3-1d0b87ad79e1-tucta4c7a04&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10124-SYD
x-timer
S1666380932.340783,VS0,VE94
x-vcl-time-ms
94
i.match
s.tribalfusion.com/z/ Frame 6493
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75dc6fdcdf40a89e-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75dc6fdb2e58a89e-SYD
content-type
text/html
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2760
cookiesync
core.iprom.net/ Frame F5FD 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-fb4db43164c4@version_1.529v3
X-core-time
1ms
X-server-arch
v2
/
csync.loopme.me/ Frame 9104 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
server
_
cksync.php
contextual.media.net/ Frame DFB5 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3093825276832204000V10&type=pba&refUrl=&vid=63809309313093825276832204000V10&ovsid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Fri, 21 Oct 2022 19:35:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 082E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRrSz3puQA6p9M_CmtddPA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Fri, 21 Oct 2022 19:35:32 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=113587
accept-ranges
bytes
content-length
5549
expires
Sun, 23 Oct 2022 03:08:39 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 082E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDk1MUFEMkNGLTdBNkUtNDAwRS1BOUY0LUNGQzI5QUQ3NUQzQxAAGg0IhOnLmgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=255fd4bfec8ce5e9c06b5d8fe128ee772e4d5f0de0e1a7de9ee8e6e8c614415c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNTVmZDRiZmVjOGNlNWU5YzA2YjVkOGZlMTI4ZWU3NzJlNGQ1ZjBkZTBlMWE3ZGU5ZWU4ZTZlOGM2MTQ0MTVjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNTVmZDRiZmVjOGNlNWU5YzA2YjVkOGZlMTI4ZWU3NzJlNGQ1ZjBkZTBlMWE3ZGU5ZWU4ZTZlOGM2MTQ0MTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIhenLmgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4a436b30-4552-41a6-979b-56f4610f183b
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=4a436b30-4552-41a6-979b-56f4610f183b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=4a436b30-4552-41a6-979b-56f4610f183b
date
Fri, 21 Oct 2022 19:35:34 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c2dc6352-f481-4700-a9d3-3ff400100b3b
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c2dc6352-f481-4700-a9d3-3ff400100b3b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 21 Oct 2022 19:35:32 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c2dc6352-f481-4700-a9d3-3ff400100b3b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:35:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTUxQUQyQ0YtN0E2RS00MDBFLUE5RjQtQ0ZDMjlBRDc1RDND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIntVG9b059DkTZ1v8kX0kc&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIntVG9b059DkTZ1v8kX0kc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIntVG9b059DkTZ1v8kX0kc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Oct 2022 19:35:32 GMT
951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 082E 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.172.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-172-143.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18e01040-c1b4-4d65-84d0-2effa943fb60
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18e01040-c1b4-4d65-84d0-2effa943fb60
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18e01040-c1b4-4d65-84d0-2effa943fb60
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=483b58d4-3f5f-440d-8278-60f297733297&expires=1&user_group=5&ssp=pubmatic&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=
1 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7501827152657204586
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7501827152657204586
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
AN-X-Request-Uuid
48616b54-fb3f-4346-bb22-07c182107119
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7501827152657204586
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6128369374465870102
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6128369374465870102
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6128369374465870102
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cx6zJGFE2uVweh70c2MiogK35NIVwFA-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cx6zJGFE2uVweh70c2MiogK35NIVwFA-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cx6zJGFE2uVweh70c2MiogK35NIVwFA-~A&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8843692322208152390&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 082E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44485eab1fbd2073&is_secure=true&networkId=17100&version=1&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALh0NjBEZirgMJcNMTAAAAAAA&expiration=1666467332&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALh0NjBEZirgMJcNMTAAAAAAA&expiration=1666467332&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALh0NjBEZirgMJcNMTAAAAAAA&expiration=1666467332&nuid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 082E 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dpba%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.63.55 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7501827152657204586
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7501827152657204586
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:32 GMT
AN-X-Request-Uuid
8b7117fb-24b9-4c4a-a0b5-1361e144c9a2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=7501827152657204586
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_75af814b-815e-4c7d-9911-b60a8e3f6069&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=txJPsOcVTeSsGBzksRVXu7EUGOSsQkPguBGdeaOq
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8e30d2f-61ec-4802-a103-57a098722b8a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e8e30d2f-61ec-4802-a103-57a098722b8a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=e8e30d2f-61ec-4802-a103-57a098722b8a
Date
Fri, 21 Oct 2022 19:35:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 9009
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_75af814b-815e-4c7d-9911-b60a8e3f6069&obuid=ENC(zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7501827152657204586&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_pri...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7501827152657204586&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.127 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:34 GMT
Cache-Control
no-cache
X-TraceId
c1981af36ea1c74860ad6275bbd91b44
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:34 GMT
AN-X-Request-Uuid
7cb01a59-bc9b-4c97-a08e-973a28924fa7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7501827152657204586&obUid=zqhvZCSPafKJJF8vOzFiGd6ix7dMJs8OzBJMG91UO8vKMJFrNuQ3u4ZVU0geYAFQ&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Connection
keep-alive
X-Proxy-Origin
173.245.209.130; 173.245.209.130; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b459f1e4-30a8-445a-95f4-e2e7a1580bb7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b459f1e4-30a8-445a-95f4-e2e7a1580bb7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Oct 2022 19:35:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b459f1e4-30a8-445a-95f4-e2e7a1580bb7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-904a0425-5253-4be3-4102-f4d59ca7cdf8$ip$173.245.209.130
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-904a0425-5253-4be3-4102-f4d59ca7cdf8$ip$173.245.209.130
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-904a0425-5253-4be3-4102-f4d59ca7cdf8$ip$173.245.209.130
Date
Fri, 21 Oct 2022 19:35:32 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bo_.92ZE2pfOTK8tvXj1a81ojKKl_IE4x7w3~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-bo_.92ZE2pfOTK8tvXj1a81ojKKl_IE4x7w3~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Oct 2022 19:35:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-bo_.92ZE2pfOTK8tvXj1a81ojKKl_IE4x7w3~A
content-length
0
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f216d31b-0b31-4487-a527-37d830980be9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f216d31b-0b31-4487-a527-37d830980be9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f216d31b-0b31-4487-a527-37d830980be9
Date
Fri, 21 Oct 2022 19:35:33 GMT
Connection
keep-alive
X-CI-RTID
c69c37c9-56e5-4248-949f-d7e9083a874d
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9009 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.128.135 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
653061406
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9009 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_75af814b-815e-4c7d-9911-b60a8e3f6069&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=rlRpjlEWpIGUQPTZSCP0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24TMKJYGU3CFK5YESR2VKFIFIWSTINIDA...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rlRpjlEWpIGUQPTZSCP0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rlRpjlEWpIGUQPTZSCP0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=rlRpjlEWpIGUQPTZSCP0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=64369d98-8a2d-4a3c-9cc2-63ebe2b53a2c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=64369d98-8a2d-4a3c-9cc2-63ebe2b53a2c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=64369d98-8a2d-4a3c-9cc2-63ebe2b53a2c
access-control-allow-origin
*
date
Fri, 21 Oct 2022 19:35:32 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
sync.targeting.unrulymedia.com/csync/ Frame 9009
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004&rndcb=7808810580
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=e8e30d2f-61ec-4802-a103-57a098722b8a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d6e551d6-3816-42c7-ac76-372dc8eb941e&expires=1&user_group=5&ssp=adconductor&bsw_param=e8e30d2f-61ec-4802-a103-57a098722b8a
  • https://sync.1rx.io/usersync/bidswitch/e8e30d2f-61ec-4802-a103-57a098722b8a?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:34 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004
pragma
no-cache
date
Fri, 21 Oct 2022 19:35:34 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=83KN0WGY7VlW&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=83KN0WGY7VlW&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=83KN0WGY7VlW&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74995b8c8d-xs6c4
expires
-1
usersync
usersync.gumgum.com/ Frame 9009
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4154198403221592019
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4154198403221592019
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4154198403221592019
date
Fri, 21 Oct 2022 19:35:32 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9009 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_75af814b-815e-4c7d-9911-b60a8e3f6069
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 497B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21101
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 01:27:13 GMT
usync.js
eus.rubiconproject.com/ Frame 2E7C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:35:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21101
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 01:27:13 GMT
usersync
usersync.gumgum.com/ Frame F756
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:32 GMT
Expires
Fri, 21 Oct 2022 19:35:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x14 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=c2dc6352-f481-4700-a9d3-3ff400100b3b&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 5603
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y1L0fwAAAMvh4wAK&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10151-SYD
x-timer
S1666380932.180728,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame BE77 		170 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV83NWFmODE0Yi04MTVlLTRjN2QtOTkxMS1iNjBhOGUzZjYwNjk=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09B9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113587
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 03:08:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame EF1F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=18e01040-c1b4-4d65-84d0-2effa943fb60
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=18e01040-c1b4-4d65-84d0-2effa943fb60
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=18e01040-c1b4-4d65-84d0-2effa943fb60
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 6040 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 21 Oct 2022 19:35:32 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 07C3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1L0hMCo8XUAACBNFdwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y1L0hMCo8XUAACBNFdwAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:35:32 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y1L0hMCo8XUAACBNFdwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
43
X-SO-HostName
m-ad363.dc4p.scaleout.jp
X-SO-IP
173.245.209.130
X-SO-Key
Y1L0hMCo8XUAACBNFdwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":43,"gdpr":false,"ipv4":"173.245.209.130","key":"Y1L0hMCo8XUAACBNFdwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad363"}
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad363
usersync
usersync.gumgum.com/ Frame E57C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1L0firY8LwSZ3dE2ufZVAAA%264686
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y1L0firY8LwSZ3dE2ufZVAAA%264686
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc6fda2a9fdfb3-SYD
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y1L0firY8LwSZ3dE2ufZVAAA%264686
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1863
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=b7gTcOouOLY3xsQPdykv&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=b7gTcOouOLY3xsQPdykv&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:35:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Oct 2022 19:35:33 GMT Fri, 21 Oct 2022 19:35:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=b7gTcOouOLY3xsQPdykv&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7037
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:35:32 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Oct 2022 19:35:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cksync.php
contextual.media.net/ Frame 497B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9IW6FUB-20-2PMU
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9IW6FUB-20-2PMU
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9IW6FUB-20-2PMU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:35:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 21 Oct 2022 19:35:32 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9IW6FUB-20-2PMU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
sync
ads.servenobid.com/ Frame 2E7C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9IW6FUB-20-2PMU
  • https://ads.servenobid.com/sync?pid=323&uid=L9IW6FUB-20-2PMU
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L9IW6FUB-20-2PMU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.73.238.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-238-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=L9IW6FUB-20-2PMU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
usync.js
eus.rubiconproject.com/ Frame 7037 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:32 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 18:37:59 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21101
content-length
9455
expires
Sat, 22 Oct 2022 01:27:13 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaj0&_p=7105&cid=577634872.1666380927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666380927&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html&dt=%E6%B5%B7%E8%BB%8D%E6%96%B0%E4%B8%80%E6%89%B9%E7%94%9F%E9%95%B7%E6%9C%9F%E7%8F%AD%E9%A3%9B%E8%A1%8C%E5%AD%B8%E5%93%A1%E7%B5%90%E6%A5%AD%EF%BC%8C%E6%9C%89%E5%80%8B%E6%96%B0%E7%AA%81%E7%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7037
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9IW6FUB-20-2PMU
  • https://usersync.gumgum.com/usersync?b=mag&i=L9IW6FUB-20-2PMU
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L9IW6FUB-20-2PMU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:35:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L9IW6FUB-20-2PMU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
static.criteo.net/design/dt/39665/220428/ Frame 0E64 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/39665/220428/2b2d52d0bfb14c81b3a63185f6a9b05f_cpn_120x600_1.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-jun-xin-yi-pi-sheng-chang-qi-ban-fei-xing-xue-yuan-jie-ye-you-ge-xin-tu-po.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:35:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:51:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626aaa05-7332"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29490
expires
Mon, 16 Oct 2023 19:35:33 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 082E 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6C6C 		791 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89462795&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c0f2cbfe44b9c490b26be7a8f7dfebb9dbf55b81160d78831a69aaa82a0db1b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 21 Oct 2022 19:35:34 GMT
content-length
791
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 295F 		791 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77649675&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c0f2cbfe44b9c490b26be7a8f7dfebb9dbf55b81160d78831a69aaa82a0db1b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 21 Oct 2022 19:35:34 GMT
content-length
791
content-type
text/html; charset=UTF-8
141
match.deepintent.com/usersync/ Frame 1EFC 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A594
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
0
0
sync
ads.servenobid.com/ Frame A170 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 6C6C 		0
0
qmap
sync.crwdcntrl.net/ Frame 6C6C 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.5.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-5-162.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:35:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.18.179
content-length
49
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 6C6C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6dd36e3-0a67-4488-b839-23f315d550e5%252C&gdpr=0&gdpr_consent=
0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 295F 		0
0
qmap
sync.crwdcntrl.net/ Frame 295F 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 295F 		0
0
141
match.deepintent.com/usersync/ Frame FB46 		0
0
pm_match
um.simpli.fi/ Frame 0369 		0
0
setuid
x.yieldlift.com/ Frame CD94 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAIf7c0dGTaHAbc_QPfg2fo&google_cver=1&google_push=AZmPxg8jYe8NJ6CEfjbzszDNLOpPF9q8FitvfafP0Ay2lc_4_PvhzPB-siymZlrS5z33_n5O6O9UiI4PEni6ejuiEN24Pk56WdXsW09DTd-tTeuK1hGyAtN3gnzUkmcLgg5W2poMHrAE1lzDsAWZa7fQUNg
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/1/3375?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=35547a94-3441-442f-9002-2b0d5ff75255&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ua-b07ac557-c0e1-3731-a38b-3b3cfcfb4955
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/sync/bidder?advid=2008&bcid=e8e30d2f-61ec-4802-a103-57a098722b8a
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2EB9873C83048939AA9FBD5914232D7
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&sInitiator=external&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e6dd36e3-0a67-4488-b839-23f315d550e5%252C&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&sInitiator=external&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C&gdpr=0&gdpr_consent=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| adRecover object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdSlotIdCounter object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo undefined| google_measure_js_timing object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady number| lnt_z object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

104 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ3Lys4L8wCgoIgQIQ3Lys4L8wCgoI4gEQ3Lys4L8wCgoI5gEQ3Lys4L8wCgoIhwIQ3Lys4L8wCgkICRDcvKzgvzAKCQg6ENy8rOC_MAoJCAsQ3Lys4L8wCgoIjAIQ3Lys4L8wCgkIXxDcvKzgvzA=
.aralego.com/ Name: sspid
Value: f25fc242-8f2c-310b-8a1c-1d73203dc9d5
www.bg3.co/ Name: __AP_SESSION__
Value: dd728a44-2167-4a0c-a527-ecd5d79b9d91
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 8286bde0-5177-11ed-bacd-000d3aa248b3
.adpushup.com/ Name: ap_usid
Value: 8286bde1-5177-11ed-bacd-000d3aa248b3
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 90c86acd-b13a-43fb-a859-3ae20d2f390c
.bg3.co/ Name: __gpi
Value: UID=00000b6890e0b8df:T=1666380925:RT=1666380925:S=ALNI_MZKHonCvIprHGydGlOIg6pEVH02hA
.doubleclick.net/ Name: IDE
Value: AHWqTUnFZfRjLONwTroeV39uLi3AlU_CS9ocyXAz6m7NfxerQcsbvZv2FP-KBsFFgmU
.openx.net/ Name: i
Value: 90c86acd-b13a-43fb-a859-3ae20d2f390c|1666380925
.omnitagjs.com/ Name: ayl_visitor
Value: 29f8ef7af7007a763f502b59c2330335
.rubiconproject.com/ Name: khaos
Value: L9IW6FUB-20-2PMU
.prebid.a-mo.net/ Name: __amc
Value: 1_1666380926_1666380926
.a-mo.net/ Name: amuid2
Value: 35547a94-3441-442f-9002-2b0d5ff75255
.prebid.a-mo.net/ Name: sd_amuid2
Value: 35547a94-3441-442f-9002-2b0d5ff75255
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw_ujLmgY4AUABSAEQ_ujLmgYYAA..
.teads.tv/ Name: tt_viewer
Value: 1d22d196-c73b-4735-b0fb-7abfd6139020
.blismedia.com/ Name: b
Value: 6352F47E01D17914E0C1605BBLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2InAnv3C<!]tbPl1M>e)ZlrFUfJ+tGXxo3>4c#z_'8hX:zljkE_kl=HnYkLc?3fgZj@<.3If)y3KL9D3I?+g!Bk8K
.adnxs.com/ Name: uuid2
Value: 7501827152657204586
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4534b312-bd90-4482-87f0-bce562aaf00d"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2777:u=1:x=1:i=1666380927:t=1666467327:v=2:sig=AQF5N9O8pWJE-ATxalepoyD9YX8kBH8j"
.casalemedia.com/ Name: CMID
Value: Y1L0firY8LwSZ3dE2ufZVAAA
.casalemedia.com/ Name: CMPS
Value: 4686
.casalemedia.com/ Name: CMPRO
Value: 4686
.yahoo.com/ Name: A3
Value: d=AQABBH_0UmMCEBlJmmWSnprKhexueboXPEMFEgEBAQFFVGNcYwAAAAAA_eMAAA&S=AQAAAoWVHJe41P1GGLGo312QjgE
.bidswitch.net/ Name: tuuid
Value: e8e30d2f-61ec-4802-a103-57a098722b8a
.bidswitch.net/ Name: c
Value: 1666380927
.bidswitch.net/ Name: tuuid_lu
Value: 1666380927
.dotomi.com/ Name: DotomiTest
Value: 26e8ebc23f1020af
.media.net/ Name: visitor-id
Value: 3093825276832204000V10
.media.net/ Name: data-g
Value: CAESEHaJwhN9HoK9davzUl4o34I~~3
.smartadserver.com/ Name: pid
Value: 4154198403221592019
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A3571550053013243290
.bg3.co/ Name: __gads
Value: ID=08798c37c58cd3ec:T=1666380925:S=ALNI_MbP1zZgy0gzS9SHG1IfUso1OCPjZw
.uncn.jp/ Name: t
Value: v_22385cd2-842a-49fb-902a-e52fce79737b
.quantserve.com/ Name: mc
Value: 6352f47f-9ff04-905bf-c9b90
.bg3.co/ Name: __qca
Value: P0-1672687719-1666380927554
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1666380927.1.0.1666380927.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.577634872.1666380927
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 951AD2CF-7A6E-400E-A9F4-CFC29AD75D3C
.turn.com/ Name: uid
Value: 8843692322208152390
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1L0fwAAAMvh4wAK
.mookie1.com/ Name: id
Value: 10524560487958652797
.mookie1.com/ Name: mdata
Value: 1|10524560487958652797|1666380928105
.mookie1.com/ Name: ov
Value: dcd8b0ae3e6eedc298e87de50426f725
.tapad.com/ Name: TapAd_TS
Value: 1666380928592
.tapad.com/ Name: TapAd_DID
Value: e6dd36e3-0a67-4488-b839-23f315d550e5
.adsrvr.org/ Name: TDID
Value: 18e01040-c1b4-4d65-84d0-2effa943fb60
.everesttech.net/ Name: ev_sync_enc
Value: MjAyMjEwMjE_Mzo6MzA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ctnsnet.com/ Name: gid_CAESEK2Lag5QxWmQO1bfdPdZPfw
Value: 1
.ctnsnet.com/ Name: cid_babaf9eaa4af433e8dceb3bca6b77cbf
Value: 1
.simpli.fi/ Name: suid
Value: D2EB9873C83048939AA9FBD5914232D7
.w55c.net/ Name: wfivefivec
Value: KllpDhQH1OLXNL5
.mathtag.com/ Name: uuid
Value: c2dc6352-f481-4700-a9d3-3ff400100b3b
.mathtag.com/ Name: mt_mop
Value: 4:1666380929
.mookie1.com/ Name: syncdata_TAP
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 285dcc1824979db9268d7410cf2fbd9
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-904a0425-5253-4be3-4102-f4d59ca7cdf8.IoOqn3smjathkpxD%2B5F9ArTmeCFN681WqWxpoZJhcEk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkEoEJVJTS-NBAvTVnKfN-K310YI.Ph014JBekWhg2xKIjEZ9cbkp%2Bi2QpVcZV3r4WVdzmjM
.yandex.ru/ Name: yuidss
Value: 9283401801666380929
.yandex.ru/ Name: yandexuid
Value: 9283401801666380929
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2218e01040-c1b4-4d65-84d0-2effa943fb60%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-21T19%3A35%3A30%22%7D
.agkn.com/ Name: ab
Value: 0001%3AJcXWArxbvpV1YXZ7B2j8I%2BwX2yQcV%2BW%2F
.zemanta.com/ Name: zuid
Value: rlRpjlEWpIGUQPTZSCP0
.openx.net/ Name: pd
Value: v2|1666380930|jElYiuvOiahI
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.mookie1.com/ Name: syncdata_NEU
Value: 1
.3lift.com/ Name: tluid
Value: 1103849637477511590286
.openx.net/ Name: univ_id
Value: 537072971|18e01040-c1b4-4d65-84d0-2effa943fb60|1666380930462634
.mookie1.com/ Name: syncdata_IOW
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.ladsp.com/ Name: cr
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.quantserve.com/ Name: d
Value: EG0BDQGxJ7jvsQA
.linkedin.com/ Name: li_sugr
Value: 1ef10a9a-6e67-40fa-99a6-adfd9b5b43cb
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY2MzgwOTMwfQ
.w55c.net/ Name: matchmedianet
Value: 5
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bing.com/ Name: MUID
Value: 2853EDACFD2D61091B4FFFE8FC1F6088
.c.bing.com/ Name: MR
Value: 0
.ladsp.com/ Name: smn_uid
Value: 0K-v5ru7aPmlhLbHYi2fbQ8BtLBr5XU
.ladsp.com/ Name: lum
Value: CJLArOC_MBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: DVqlbF9oSDU1Q25lWkY1c3VuNiUyQmVkcnhUcjYzbyUyRnNyaVRReXZCMnJnek1Jajd3ZlRHeDJ6d1hOS3g4dWdHSmdUZVQ1RmFVVVJXTThoYWVxUm9YQmh2OW5BYkRxdzFGWlFGMlFRdk5IVlpiRWN1YzglM0Q
.bg3.co/ Name: cto_bidid
Value: UEjeFV96TmQ5MmIweWswc0h0clgwMjllb3RUR1VDUXpzOFd0SGp3eXA5MU0lMkZKcyUyRmptbm8xeVdZWFBSNkVtUE5MV1RvbHJ4OGVoQ1Y0RiUyQlVDRGFqbnhZUTUlMkJ3JTNEJTNE
.media.net/ Name: data-ttd
Value: 18e01040-c1b4-4d65-84d0-2effa943fb60~~1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMK5CXDSz7fsFbUyebV3a1stWXykCl1osLuDowxF2vtJeCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1EmA5m/0RLi7+t87ZpM6MNOg=
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27uj:196y~27uj:198o~27uj"
.media.net/ Name: data-xu
Value: KllpDhQH1OLXNL5~~8
.media.net/ Name: data-mm
Value: c2dc6352-f481-4700-a9d3-3ff400100b3b~~8
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIxLOOlK7pmTsQBRIVCgZjYXNhbGUSCwiA6qenrumZOxAFEhYKB3J1Ymljb24SCwjigMCsrumZOxAFGAEgAigCMgsI0t2l1cTpmTsQBTgBWgc4bTMzems0YAI.
.media.net/ Name: data-a
Value: 7501827152657204586~~8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a8b9b933-ce2c-46f4-ac41-fa365bd7ab5c-004%22%2C%22zdxidn%22%3A%222057.4%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3093825276832204000V10%26type%3Dr1%26refUrl%3D%26vid%3D63809309313093825276832204000V10%26ovsid%3D%5BRX_UUID%5D%22%7D
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.media.net/ Name: data-o
Value: 8b483c0b-b3bd-46ec-91c0-8c64dbe7982d~~8
.casalemedia.com/ Name: CMTS
Value: 4960

6 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2EvaGFpLWp1bi14aW4teWktcGktc2hlbmctY2hhbmctcWktYmFuLWZlaS14aW5nLXh1ZS15dWFuLWppZS15ZS15b3UtZ2UteGluLXR1LXBvLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAIf7c0dGTaHAbc_QPfg2fo&google_cver=1&google_push=AZmPxg8jYe8NJ6CEfjbzszDNLOpPF9q8FitvfafP0Ay2lc_4_PvhzPB-siymZlrS5z33_n5O6O9UiI4PEni6ejuiEN24Pk56WdXsW09DTd-tTeuK1hGyAtN3gnzUkmcLgg5W2poMHrAE1lzDsAWZa7fQUNg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
other warning URL: https://4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
worker error URL: blob:https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4
Message:
Mixed Content: The page at 'blob:https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4
Message:
Mixed Content: The page at 'blob:https://www.bg3.co/22b1ab14-6cf6-4fbb-8c0b-f3955a6586b4' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://cs.chocolateplatform.com/sync/bidder?advid=2008&bcid=e8e30d2f-61ec-4802-a103-57a098722b8a
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4ac4850c21c18d152dec82a4f4b546ba.safeframe.googlesyndication.com
4d6f72d0e14a2586548118fd7cc8457d.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
aeda70c3d9f8ebee0b4cc653358b610c.safeframe.googlesyndication.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-535395998747397289.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
displayf-tm.everesttech.net
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lax1-ib.adnxs.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime.tubemogul.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
rules.quantcount.com
s.acexedge.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
statsf-tm.everesttech.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
ads.servenobid.com
cs.chocolateplatform.com
match.adsrvr.org
match.deepintent.com
pixel.tapad.com
prebid.a-mo.net
simage2.pubmatic.com
simage4.pubmatic.com
sync.crwdcntrl.net
uipglob.semasio.net
um.simpli.fi
x.yieldlift.com
103.229.10.211
103.229.205.242
103.231.98.195
103.231.98.196
103.254.153.160
103.3.63.48
104.16.85.20
104.17.25.14
104.18.100.194
104.18.13.76
104.18.19.126
104.18.24.173
104.211.156.162
104.254.148.251
104.254.151.120
104.26.4.103
107.178.244.193
107.178.254.65
117.18.232.64
124.146.215.44
13.107.21.200
13.107.42.14
13.115.138.242
13.224.250.18
13.227.254.129
13.227.254.36
13.230.2.255
13.251.241.69
13.76.45.37
138.197.50.103
139.5.84.243
142.250.4.132
142.250.4.155
142.250.4.95
142.251.10.154
142.251.10.94
142.251.10.97
145.40.89.200
151.101.1.108
151.101.129.44
151.101.2.49
169.197.150.7
172.217.194.132
172.217.194.94
172.253.118.155
172.253.118.94
172.67.72.16
174.137.133.49
175.41.189.179
18.138.18.111
18.139.5.162
18.142.141.82
18.177.254.176
18.182.122.24
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.21
193.122.128.135
195.5.165.20
198.8.71.131
202.131.200.84
209.191.163.208
209.191.163.210
209.58.188.181
213.180.193.90
23.106.127.165
23.195.152.23
23.195.153.54
23.36.252.26
23.44.0.183
23.44.0.196
23.73.13.201
23.9.185.218
3.0.26.188
3.1.14.27
3.33.220.150
34.102.253.54
34.107.148.139
34.111.151.213
34.236.45.231
34.237.81.207
34.96.105.8
34.98.67.3
35.156.131.180
35.186.193.173
35.190.60.146
35.213.117.18
35.213.12.39
35.213.93.179
35.214.174.31
35.227.202.26
35.230.38.116
35.244.159.8
35.71.178.8
35.79.63.55
37.157.6.253
38.133.127.127
42.99.140.144
42.99.140.161
47.252.78.131
50.116.239.135
51.68.39.188
51.79.234.101
52.193.151.12
52.222.158.43
52.46.143.56
52.74.162.2
52.74.172.143
52.77.151.123
54.148.107.193
54.164.39.11
54.203.144.13
54.225.103.119
54.238.120.71
54.239.38.253
54.249.121.116
54.73.238.20
64.202.112.159
67.199.150.86
69.16.175.42
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.44
74.125.200.148
74.125.24.113
74.125.24.132
74.125.24.154
74.125.24.99
74.214.196.131
84.17.37.44
89.207.22.73
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098980589061ef1f96ebd793b2f82779ca5ec4e46316aacee1392b761c60b8ba
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0ab4d6d723781eb281e8a39a304e8f0c17d907c41c62c1bdfff487030f959deb
0aee38d39dbc2aa6064e12e59406ec0264f7a57a4fd630b4d3ccbb3611a87d10
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d03d635346d3d5fe77d4422871021b2b91d56d87a1075764dd2b0f39e9f2491
0e9f8699ed460214761575f0c16079988bfc7cdbaff9dd35c2b6ba22b7b4cce8
0f6e1da8966aa681e8149a7e59ee5dff9eedee1a396342eddcfe8c524b62da9a
104ab4adfb4098c24c15cd9110b67074fe37ca7cb7407c352faa564fc384977e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1565e86901dcdf16855f1391694c60dec54949ab61e7043e1672d73c96a9cac3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f
229593a4d77f8a17a2225bd1570da351b1c11d37672e14c4ee9c90d1ed7d9fa6
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
2813ee0e1c553ed4eaaa05596f3f264fc3d266a94cdf30762cce72725ad0eb8f
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
299f8f0dd3022468c0b5ae4d609d456d52b13360bd201e925062b277d60fb14a
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
2e091a29c92172cbde55adc06d9109071c4d7a1b2aa5a9d283473e0353411d9d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31d90e88b42cb190992b056a8e6964bcdf46a93116a99e4c2511957fa3fff4dd
33052d6a85202e35a5a0ee4407cd5ad4f9f3e3b2c0b9d0b567b7cce960fd183c
35ca76222f5e9076fed131635b13cbf0ce78ee41f3a04555de45b25e876aba40
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
377a3b76c64a751f7487f248a658068f56cc9b77184476c8b0bfaefa5f14df33
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ea70000680c2a275bdfa33a020a40035e74272a905cdddf5a006de1767d27f
397f7dac2c15e7d7192987a1b3c1a97f86b6ec8cec850ad641b6979f99f1ad03
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
3d19af45008ce69c11e8c4b67948814233bc01c14b5d594dec0cd3462782c3e7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff03beeeb122d5f8398574a1a72263b6d2ab17e949298892816bfdf71758819
40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700
41621263c5ba403b5ea10a6aa3eccd253a9cdadc826e9c287639bc3b133bd744
432ef3d374bc323a6e057fa9b5395ba04b40ce35e6e73f5e2b19a8b73ea0c4d8
46768fcb3912822c3da6fd39a529caeb581c4a6ef88a5ffc0c93b45addd7c94a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
474fd7065e109e9c3a71ef4bd08ade415a9dd4c4dbec005261f31991172e492c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4969b4bf76345402a86ecab8fb5da6d49eb48e1d8100cab5c648581cfe9541e2
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf72653612ba267fd4bf6bdfdb65a274971a29811132ad52ec5c8f4b8a4e0ad
4c0ab4ae0248b6bf96bf3c23e7881771febea31be253ca161a311227fd7042ba
4c47304b8bcbf0e2ec4f8bb937754a34a02bd5554f83f74e500c5df47f0dc313
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3534de2f48969db245f439bcd09b861ee17f91e6d471cf3169904f6661c889
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6f824ff25abb1b43611e3813fe33e3641f03fc1a57366737405a3d6dd92064
4f98288f80f8f6efa924dda183adac93bd524bbe2ad91c988b22991a4f7c813d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5056e3a41bc800617739913c478c6e504b9b0fc3968525e6de98824437107a3a
51c8802968db2aaddba0f3aea68631d5e21f1c042c6c0af3fd1136d8e7e97ff4
5224b2f163ef3e27af255497131bc5c1a4c99713258e27e1547be661ef6f1148
54321d1899ee7921dfc4f3f4b89751295f9089a080007f009081478a3413b23a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
57f40920d21a4a0c901d673fc56fef62254d76acf14198da71950f8936481ab8
5875e955513dba34f16b8469e2472c9fecf4bf2d89e5f958646dd6e4e0cf4b7f
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632df954115706e27c82972cf5f28a037b04a3621d4bbf47d84bdf33fefa2cb4
63b631be39760d0a5178be461ca16659a404971b9aafdabb70278476a3ac326c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
6781c3c73b1f11152e870bd1e218e2c09c6e8a7ff6e44a4b0593e8a01f6f2c59
69f12d85abfad64d722551b2a4d1abfb01e78a19a8c642a81010ba10850ed0e2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d922d9796792c6eaae90a015f4ff71ddefc3bf06f0acd9ceaae8c2dd5cdd56e
6df78d976052a9da6f359fa4cf3160afadc95c3488dbef812129f9ff9a762453
6e27b570cde961f5f085e18cb07156e5a5c7d74c3562ef8be547c6fcb7e5851b
71a038ff05ef25a0224ee93700fec3242f38c0d513666da789cb4785f1d933bd
71bddacf24ca4f5f48bdffcb3fb634a1bc8d0dc67cc1b3fa6e4674dfe1fc3901
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fd305802da3df496970d7aed342cd911ea0f1f85d733e48aa7dea1292f47d1
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74440a611a3743fc1029a006d02b5075af3e20a46d7a4e77ef7e05a38464d4d5
745345e0c052a7c122d4fb1bccfbb7763d62942f414a2e41f80e8c8eb01573ef
74d61144580d5aadf123c1e89fab1063ce5197a1a00af3798d3526a56f0b66e8
766a4ae1c2dde75b07dfc2636ad893d9b09866102de3b8c8b749236b5d63b8ff
77f9e3ad543c9ffc64193db32aeaba06b156f5c43e5713b89f5d62ef76e45696
7da7c152f53634c4ca8ccfef1ddba9724c8b4b630a63a114d12938c7af0ea7d9
80635e9ef2748ba71ab418355af60edb2f46b6a80ac7a93ba27b676fc00f86e2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84c62bd8c5a91a46ef0894bef6ac25d7fd977d22f28fd80e9df45e746f64d4e5
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8712317a2e61de51a70bc8a8554268a5cc3118f22ba81f875a6428cdb42c44a3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c62c94bdfb94071467f04fe908771c6a506339dc14d4b7746627b0a48308711
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
971ffed62cd33a6bbefdfbb85b9a68905b07a684adc033aa52d055d29e213fbe
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ace4f561335a8c8904c2b302d50e0d47e532f8ae01f30e705a03c6583d389f1
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e4129386a8f5495ea4feea76fd73a07f0bb79bdabe8249fb3478d88d9d0e412
9f83dfac786ddc2fc1caf524cc26f599bf41beb09f6ec104a8919a2f0b81ed67
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1c356180c7fbdf0d9eb6f57137385cf961ff09bf84eeb409928253d0823e209
a22fc455e0d3e4665ac22b063ab3ca326c2ac4d9a1b251d0a9e7dafb7cc3e6d0
a281705044bd22ec622b7eca6581587c6fd9aa238deb788ac5cc3ebb6de436d3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa11ea86c019f629c38f89edb2041c3938b3a9efe6de3e51703a7c22fce41058
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
afaabe4aa45aec789f7eea4145a2ca4af22065314b47a27383d0649451cfbf31
afffebb4ed94399b92676dae5e14a2ab78f32eecf05c101bede2883b45291d53
b10288ffd4a63305211a25cee922aec7cb52e3b27b1a8cda9d12dff818d75ccf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f747b38b406bc27665c2acea3562dc5dbf6b49c16dfe4052c7b7ee19f583c6
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b54520b2ede95b730e62b7351cdc5bd9efee86940ec18fd6168a184be03fd43b
b6376c014d1a5f9dba7f40a72b3ac60ae4dcf49ac7318f2fc125faf564233b26
b92fc84da1b620da13bd9c59c923d0b9cc03748b1f19c295a26e65e9d5e6de0c
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce9e081d218c2af98e81169cc19d412a8c7274f00c6c42ae1230bdb14f59394
bdfe0e6d1a1df677c36d88f7d6b16828eb3b5e288f940761617ce96b32b6f856
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bef4f970876b5891897c17f9930c01c31e96099d6564de62503f53f953a07e70
c0c3b890c117f1c6daf08c5acb2460f8bc1de83f9dec7e869c9ecfa7de415436
c0f2cbfe44b9c490b26be7a8f7dfebb9dbf55b81160d78831a69aaa82a0db1b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c244523230d04076c228f37eeff99debfa3f8556900282113b39e7e6981462a5
c65b0337ee76472a1fbc1adf89bf03f91d33a27a05cf505c3aec6124b48323cd
ca1fb699a2983a06644e63512aad064b0b32c9cf4f286cb98b19153ec42c6cfb
ce1b5d2df4ec789b656829714d84c7d235b7694e1812492dd5faf99c17324b08
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d032f559abab05823fd5efcd2e485a8fe441f821083e574b1df54e0233edc4a6
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
d838285d6f9ed2cbbf06058d07fd3ebd422a01d614fcf10e50d816da3268a9f0
d8bfaf509aa8d228db427b982894e920c816a6ae9e0c4297c9d303b53c93905e
d94471246aef9f3fe04c1e4fc2e8377b6ddfdb0f8f13761444161d0d8f2e8fa2
dbd4823276e5ec482f818631f1af3b15fa4c6d600a3617097eb7bae9538669f6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
df10dd06d129115a2c661ed3b19d55cb62e21fcc23ada41b0dd1b98fc7cad9a9
df50e96c71b174d18e2c265d871f7f7a35f0adbb2892b5318a4e42535b33d044
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6847141df7f757562d3f101846b5ae90afba1d62b9c9b72c90cc9b82f2de64c
e78cc98217eae227b1399697ff18c30d3a7a8f0bddabe2295c3e6799e053e612
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ec02e823e01d1232cee2790c6af67c336c7d7381a961157538d42bc49bc35502
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee542e058c48ee58ede04d1283ce09ecc457066bdc48d7a4260eac0e2e9502c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7a57a302b36125eb5ba94568307ee15f9f69bad283cc56dbb847f3913b0929
f240ff3997fe588de46cdba36eec7155b129235fa80c878110393c51e38b4c04
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f6d94121fc73ee7e556482349f1c1160d294a883410a5e062f8c38519d5ddf16
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fd0de5f7d41be3db0fd9ef61c34d19d7a180bd9a274e5e1495a071640c7bdcc0
fed06c1400cc3a474a7faf63e6c8d1777e69d96c2797ef3553a5fee2a0d22f30
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e