urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Submission: On September 10 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 8 countries across 80 domains to perform 395 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 420988.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
15 74.125.24.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
18 104.26.3.91 13335 (CLOUDFLAR...)
53 142.251.12.155 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
3 209.58.171.197 59253 (LEASEWEB-...)
11 74.125.68.156 15169 (GOOGLE)
9 74.125.24.156 15169 (GOOGLE)
1 172.253.118.94 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 142.251.10.97 15169 (GOOGLE)
2 142.251.12.101 15169 (GOOGLE)
14 51 172.217.194.156 15169 (GOOGLE)
2 142.251.12.157 15169 (GOOGLE)
4 142.251.10.154 15169 (GOOGLE)
3 52.84.251.114 16509 (AMAZON-02)
2 103.229.10.247 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
3 52.192.218.173 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 148.251.44.111 24940 (HETZNER-AS)
1 3 104.83.197.63 16625 (AKAMAI-AS)
3 51.79.234.101 16276 (OVH)
1 5 104.18.19.126 13335 (CLOUDFLAR...)
1 8 34.98.64.218 15169 (GOOGLE)
3 145.40.88.5 54825 (PACKET)
1 52.76.108.50 16509 (AMAZON-02)
2 6 104.254.151.120 29990 (ASN-APPNEX)
1 34.107.148.139 15169 (GOOGLE)
4 52.48.53.23 16509 (AMAZON-02)
5 172.217.194.132 15169 (GOOGLE)
1 13.227.254.11 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.227.254.109 16509 (AMAZON-02)
32 74.125.130.132 15169 (GOOGLE)
1 11 172.217.194.104 15169 (GOOGLE)
10 23.36.252.26 16625 (AKAMAI-AS)
1 42.99.128.161 4637 (ASN-TELST...)
8 104.83.196.24 16625 (AKAMAI-AS)
3 74.125.200.155 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
3 5 104.18.18.126 13335 (CLOUDFLAR...)
2 74.125.24.148 15169 (GOOGLE)
4 74.125.24.155 15169 (GOOGLE)
1 1 169.45.107.147 36351 (SOFTLAYER)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 202.241.208.56 4694 (IDCF IDC ...)
1 124.146.215.4 2514 (INFOSPHER...)
2 2 54.254.175.9 16509 (AMAZON-02)
1 2 23.106.127.53 59253 (LEASEWEB-...)
7 7 174.137.133.49 27257 (WEBAIR-IN...)
1 1 13.115.99.16 16509 (AMAZON-02)
1 202.233.84.1 131957 (MICROAD M...)
1 1 52.194.67.219 16509 (AMAZON-02)
2 2 89.207.22.76 399104 (CNVR-APAC)
2 2 18.139.80.135 ()
5 10 35.71.178.8 16509 (AMAZON-02)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
5 6 3.33.220.150 16509 (AMAZON-02)
3 182.161.73.136 55569 (CRITEO-AS...)
2 7 23.15.148.136 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
1 23.72.44.239 ()
1 52.84.45.7 ()
1 2 69.173.158.64 ()
3 3 52.74.13.196 16509 (AMAZON-02)
1 1 50.116.239.135 ()
1 4 35.244.159.8 15169 (GOOGLE)
1 1 198.8.71.129 ()
2 23.72.44.196 ()
2 2 54.169.94.38 ()
1 182.161.73.146 ()
1 107.23.149.157 ()
2 2 13.107.42.14 ()
1 2 104.18.100.194 ()
1 35.213.12.39 15169 (GOOGLE)
1 204.79.197.200 8068 (MICROSOFT...)
395 68
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
15    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
18    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
53    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.aralego.com
11    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
securepubads.g.doubleclick.net
9    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
adservice.google.com
1    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
d-643269229691911375.ampproject.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
2    142.251.12.101 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net
www.google-analytics.com
51    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
cm.g.doubleclick.net
2    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
partner.googleadservices.com
4    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com.au
3    52.84.251.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-114.sin5.r.cloudfront.net
adx.holmesmind.com
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    52.192.218.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    148.251.44.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sundoro
rtb.adxpremium.services
3    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
3    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
5    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
3    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.76.108.50 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-108-50.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
6    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    52.48.53.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
ads.servenobid.com
5    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com
2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.227.254.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-109.sin52.r.cloudfront.net
pxl.qccerttest.com
32    74.125.130.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f132.1e100.net
tpc.googlesyndication.com
11    172.217.194.104 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f104.1e100.net
www.google.com
10    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.128.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-161.pacnet.net
qsearch-a.akamaihd.net
8    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
3    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
www.googletagservices.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net
s0.2mdn.net
4    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
googleads4.g.doubleclick.net
1    169.45.107.147 (Baton Rouge, United States)

ASN36351 (SOFTLAYER, US)
PTR: 93.6b.2da9.ip4.static.sl-reverse.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    124.146.215.4 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
2    54.254.175.9 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
7    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    13.115.99.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-99-16.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    52.194.67.219 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-67-219.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
2    89.207.22.76 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-login-ds.dotomi.com
dclk-match.dotomi.com
2    18.139.80.135 (None, )

ASN- ()
sync.tidaltv.com
10    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
7    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.72.44.239 (None, )

ASN- ()
js-sec.indexww.com
1    52.84.45.7 (None, )

ASN- ()
public.servenobid.com
2    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
3    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    198.8.71.129 (None, )

ASN- ()
p.rfihub.com
2    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
2    54.169.94.38 (None, )

ASN- ()
pm.w55c.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    107.23.149.157 (None, )

ASN- ()
cs.emxdgt.com
2    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
1    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
Apex Domain
Subdomains		 Transfer
90 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com
2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
1 MB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
586 KB
20 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
6 KB
19 media.net
prebid.media.net — Cisco Umbrella Rank: 1802
hblg.media.net — Cisco Umbrella Rank: 2614
contextual.media.net — Cisco Umbrella Rank: 819
warp.media.net — Cisco Umbrella Rank: 3434
lg3.media.net — Cisco Umbrella Rank: 5204
cs.media.net — Cisco Umbrella Rank: 2305
177 KB
19 bg3.co
www.bg3.co — Cisco Umbrella Rank: 420988
static.bg3.co
177 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 305
327 KB
13 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
fastlane.rubiconproject.com — Cisco Umbrella Rank: 694
eus.rubiconproject.com — Cisco Umbrella Rank: 840
pixel.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com Failed
25 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13061
e3.adpushup.com — Cisco Umbrella Rank: 15786
aplogger.adpushup.com — Cisco Umbrella Rank: 17196
216 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 17267
us-u.openx.net — Cisco Umbrella Rank: 708
u.openx.net — Cisco Umbrella Rank: 975
jp-u.openx.net — Cisco Umbrella Rank: 7547
10 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
5 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
9 KB
8 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 84043
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
acdn.adnxs.com — Cisco Umbrella Rank: 876
secure.adnxs.com Failed
33 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
3 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 25547
sync.aralego.com — Cisco Umbrella Rank: 4304
4 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
3 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2750
public.servenobid.com
6 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
dis.criteo.com
1 KB
4 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 9008
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9325
45 KB
3 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 10473
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1511
gdn.socdm.com — Cisco Umbrella Rank: 113562
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
132 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
sync.teads.tv — Cisco Umbrella Rank: 1510
1 KB
3 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 318707
3 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 pubmatic.com
ads.pubmatic.com
image8.pubmatic.com Failed
image6.pubmatic.com Failed
12 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 4433
970 B
2 tidaltv.com
sync.tidaltv.com
772 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5005
884 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
rtb-csync.smartadserver.com Failed
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
227 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
57 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1405
pixel.quantserve.com — Cisco Umbrella Rank: 691
11 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
1008 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14973
11 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 408
668 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
235 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 turn.com
ad.turn.com
441 B
1 indexww.com
js-sec.indexww.com
cdn.indexww.com Failed
2 KB
1 rfihub.com
a.rfihub.com Failed
p.rfihub.com
668 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 18829
555 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 6165
641 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 114336
350 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 17693
646 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1468
741 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2879
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1351
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1180
681 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8732
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 493
2 KB
1 ampproject.net
d-643269229691911375.ampproject.net
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 loopme.me Failed
csync.loopme.me Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 adform.net Failed
cm.adform.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 audience73.com Failed
ad.audience73.com Failed
0 impdesk.com Failed
pix.impdesk.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
395 80
Domain Requested by
53 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
33 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
pagead2.googlesyndication.com
18 static.bg3.co www.bg3.co
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 googleads.g.doubleclick.net 3 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
www.bg3.co
11 www.google.com 1 redirects tpc.googlesyndication.com
www.bg3.co
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
10 eb2.3lift.com 5 redirects cdn.adpushup.com
eb2.3lift.com
9 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
8 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
8 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 match.adsrvr.org 5 redirects cdn.adpushup.com
ssum-sec.casalemedia.com
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
6 ib.adnxs.com 2 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 e3.adpushup.com www.bg3.co
5 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb2-useast.e-volution.ai 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 cs.media.net contextual.media.net
3 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
3 dsp.adkernel.com 3 redirects
3 www.googletagservices.com googleads.g.doubleclick.net
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
3 hblg.media.net googleads.g.doubleclick.net
3 a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid.a-mo.net cdn.adpushup.com
www.bg3.co
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 adx.holmesmind.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 pm.w55c.net 2 redirects
2 ads.pubmatic.com contextual.media.net
public.servenobid.com
2 secure-assets.rubiconproject.com 2 redirects
2 pixel.rubiconproject.com 1 redirects www.bg3.co
eus.rubiconproject.com
2 sync-dsp.ad-m.asia 2 redirects
2 sync.tidaltv.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
2 tg.socdm.com 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 c.bing.com eb2.3lift.com
1 x.bidswitch.net eb2.3lift.com
1 cs.emxdgt.com contextual.media.net
1 dis.criteo.com contextual.media.net
1 p.rfihub.com 1 redirects
1 jp-u.openx.net u.openx.net
1 ad.turn.com 1 redirects ssum-sec.casalemedia.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 ds.uncn.jp 1 redirects
1 aid.send.microad.jp a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
1 dynalyst-sync.adtdp.com 1 redirects
1 gdn.socdm.com www.bg3.co
1 ipac.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net googleads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-643269229691911375.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 cdn.indexww.com Failed ssum-sec.casalemedia.com
0 b1sync.zemanta.com Failed ssum-sec.casalemedia.com
0 sync-tm.everesttech.net Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 csync.loopme.me Failed ssbsync.smartadserver.com
ssum-sec.casalemedia.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 image6.pubmatic.com Failed ads.pubmatic.com
0 ssp.disqus.com Failed public.servenobid.com
0 image8.pubmatic.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 x.yieldlift.com Failed public.servenobid.com
0 g2.gumgum.com Failed public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 token.rubiconproject.com Failed www.bg3.co
0 s.amazon-adsystem.com Failed eb2.3lift.com
ssum-sec.casalemedia.com
0 rtb.mfadsrvr.com Failed contextual.media.net
0 stags.bluekai.com Failed contextual.media.net
eb2.3lift.com
0 sync.mathtag.com Failed contextual.media.net
ssum-sec.casalemedia.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
0 cm.adform.net Failed www.bg3.co
0 pixel.tapad.com Failed www.bg3.co
0 a.rfihub.com Failed www.bg3.co
0 id5-sync.com Failed www.bg3.co
ssbsync.smartadserver.com
0 ad.audience73.com Failed a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
googleads.g.doubleclick.net
0 pix.impdesk.com Failed a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
395 124

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2021-10-06 -
2022-11-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh

This page contains 60 frames:

Primary Page: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Frame ID: DD4777B21899505F8F4C7FC16A5FBC79
Requests: 99 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B85B5FD3728BB2EE5651203A902C8D22
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D98AF57F6B71C76B6D904C5139D539A3
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7ADC9C9E235AC1E0CD78840B8F119A40
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 11B35E91748E35DD79B7DBD6594C66D1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=3786087787&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-6281013191052366428&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=2879757923&nhd=0&adx=0&ady=3109&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=372826003513&ga_cid=amp-UJEBkswYDI3W72Ea826CEg&ga_hid=3513&dt=1662798189700&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&bdt=2317&dtd=385&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0A7BA9727DBCBE1D8D6709F3E06BE88C
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: B3E4A43C84D47D94D9B6EB6ED2625A69
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 14F2BEF3DE1A6CE8FF241929B42F54AD
Requests: 8 HTTP requests in this frame

Frame: https://fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1F578CA1D46966626992DE2445E38BAD
Requests: 1 HTTP requests in this frame

Frame: https://2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5F253EDC88F2346B64C80ECD3905B434
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Frame ID: C17479F8B6C42EBDF2EEA9539EBA959F
Requests: 16 HTTP requests in this frame

Frame: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 154CA8B0200757ED2C696E8D6FF88F88
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Frame ID: C5A68BD3972AC0A7726228BE8E963B99
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD32E0DE326DE07FFADE000DF7C27508
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0188FC273AB12A01F41C3940FFAC99E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B3C7E603CF23405C0F75B2FDF9ED1D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 272F2474F9166F26C5CEBB2D960B29ED
Requests: 2 HTTP requests in this frame

Frame: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAAE2CFA8E84F9414E0014A9D6F0D139
Requests: 15 HTTP requests in this frame

Frame: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED5D78F878CDBE4A915A6803B24A14BF
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: DB385EB6DCC7A51DEEC6F787BEFC146E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Frame ID: A7A3BA35891FA3A498EBA17891186B31
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Frame ID: F337674879AB947FF9FDB3E6E46EC1B5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: 8F4C950247AFF9F071F19190B6B00D47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3959150983AF409A85BB039D041FE5FC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5189F9F07CDB0583B9009CA01E339F1C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E01A43807CB7A607C807C95D1F58A137
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A27C58DD63CCE36EFB38EA2BED555A80
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194081&bpp=3&bdt=418&idt=301&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&nras=1&correlator=1336011910620&frm=8&ife=1&pv=2&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.nj8ribgm1a6b&fsb=1&dtd=319
Frame ID: D306475132DAA3720E970BAA0049B236
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194085&bpp=1&bdt=421&idt=324&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1336011910620&frm=8&ife=1&pv=1&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.o6by91gtoczp&fsb=1&dtd=329
Frame ID: 09729D2E3E9F9AA271BE945738B80C29
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 69BE4AE6C22BD0BB2B522568DD1D4EB3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D85B6BD557F7EC5AF09AAE3366235853
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BF2328E7EBE0571D7D60465633322CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCAD139D4C90594FBD61128394DDAA27
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE7AC2AE13E717557D2CF289B646A25C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C6677EDC789D29D2BA3BFE6AFCF6FF5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB2EC67B908B4B0502E3107C7F995373
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F00D19D1369C78BD43E604B53E420E8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5204C9275C0F5DA4A662E4A67C2D627C
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DE7F99C0B2172FAC7FAA0CA0544BA88E
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7CA5B4F5AFE3475472A107546CB4400A
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5C08251AD98A228496C711ADAAC57445
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 30BCA6852745E367283C771BFBFC3E4A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662798191280
Frame ID: 822511DDCD88AD3B8ADC671D3F28040C
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: D2CCD3FEC26907B99B7DDBB28404A6A4
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: B95F3BEFB2A1E8881C72E606B0F563BA
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4FD7617FAB2FB40E0E6E931CA10CE34D
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 018B02AA8E8653FB80964D200C7F61DD
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=rkt&refUrl=&vid=27981958673057997956835795000V10&ovsid=1975180289631866553
Frame ID: 604CB9B22C5CF0EA95C984DA04A3AF5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dpba%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3DPM_UID
Frame ID: FE294FD948BB8F2C07B8D8DC2C492F61
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DEFF8760C00D84A235FC90F2F14F716
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52EB4B5A19C8DAB6956836C1F272FAD6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2A1E68C3B95CEA9CF3F84DFFBCACDF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E0FC4C549796F78808EC5DA70F3BDDF
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E25E94C6CFC59E41A5AD8D5459F39C6D
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 8D0CE5D552200141B9BFE9D26ECB3892
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F3FF84EF05714AC57A0C5C5A834FAB1E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9990D2BF6629F6B2412FC55A139FCF64
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 698D5936B9921B29F07E63BE99503781
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 89ED99C5061D485BF1300A925FB2BFDF
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 21DDFCB88A4B04ED22E900D986E5470A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

奇美音樂節「靈魂的印痕」  感受浪漫樂派的豐沛情感 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

395
Requests

73 %
HTTPS

0 %
IPv6

80
Domains

124
Subdomains

68
IPs

8
Countries

3492 kB
Transfer

9183 kB
Size

67
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 71
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1662798190&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798189972&bpp=14&bdt=1283&idt=479&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1364924202001&frm=23&ife=1&pv=2&ga_vid=2018274500.1662798190&ga_sid=1662798190&ga_hid=757594523&ga_fc=0&ga_cid=amp-UJEBkswYDI3W72Ea826CEg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2290919004&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667%2C42531706%2C21066435&oid=2&pvsid=4230146200296490&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fzjabr21jwhj&fsb=1&dtd=494 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1662798190&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798190121&bpp=11&bdt=1414&idt=460&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1364924202001&frm=23&ife=1&pv=1&ga_vid=2023976745.1662798191&ga_sid=1662798191&ga_hid=1136682174&ga_fc=0&ga_cid=amp-UJEBkswYDI3W72Ea826CEg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2328&biw=1600&bih=1200&isw=336&ish=280&ifk=2008949795&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066435%2C31062931%2C31068919&oid=2&pvsid=2407276506492534&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4spx86n0g5w&btvi=1&fsb=1&dtd=475 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 130
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192154&bpp=10&bdt=255&idt=351&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1336011910620&frm=8&ife=1&pv=2&ga_vid=1535961039.1662798193&ga_sid=1662798193&ga_hid=574537417&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767668%2C42531706&oid=2&pvsid=2270844468798228&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5wc7xvv4avtk&fsb=1&dtd=364 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Request Chain 179
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1&C=1
Request Chain 181
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxxJcleRX--WhDr2FRISFgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO4Fl3dxBiN1UaeGhwcLqac&google_cver=1
Request Chain 183
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3NjY1ODUxODE2MTcxNzIwMA%3D%3D
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
Request Chain 185
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTQ1MjFhOWYtNTdiMS0yNTk1LWVmOTQtY2E1MjI0MDk3ZGZm
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFDaRfMdTOzbnDPF4CDDxKU&google_cver=1
Request Chain 187
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmFlNDc5ZDAtODk2MS00ZTQ5LWFiYjctMTUyY2Q5NTlkMGY0
Request Chain 212
  • https://um.simpli.fi/gp_match?google_gid=CAESEHBL9TXb3XinmYkHoRlp2So&google_cver=1&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB8E0vSg_NZgPCjxOKAvpr51ih9-eAQ2Mpu4_cV3h30CGtnoeEctmx2iss HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7FECE5223934D0E9780D1E84F40E738&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB8E0vSg_NZgPCjxOKAvpr51ih9-eAQ2Mpu4_cV3h30CGtnoeEctmx2iss
Request Chain 213
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEP9Ad2gsO9v3ADF6KyHADIo&google_cver=1&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIiSEJgA2g9qVVrHP9jKYzMBX0G0duc-F4GACaMBk-Bz626IqamFc7-uexBYafo8OuE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIiSEJgA2g9qVVrHP9jKYzMBX0G0duc-F4GACaMBk-Bz626IqamFc7-uexBYafo8OuE&google_hm=0LtNleLoSuWOHuRx0ITBVqU
Request Chain 214
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1&google_push=AehlK4Cm6A4CdjBm7UUx-WvnEz8j55-pvEDAYtwpGUkCkld_2Swq3-993SkN2UAOEvp4dAfjz4ALTHJQIs02HP_5OX_V-WuaUJV_yhk0JZd_pQY5Ka8RA13lk4GMC7mgukM8v5Ry_VsFUAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXh4SmM4Q281c0lBQUh6S0xOY0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1
Request Chain 216
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQp3XfGS_BbAsmB6Iah--k&google_cver=1&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJJ2XzMSvSR8RlT1ih9S3S8GPz2yacmu8kCBPfQPZoyN50uB0s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJJ2XzMSvSR8RlT1ih9S3S8GPz2yacmu8kCBPfQPZoyN50uB0s&google_hm=ODgzNzY1MzM5ODk0MTc4ODQ0Nw%3D%3D
Request Chain 217
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMOky3x3xLb0Hy0ZmbgddK8&google_cver=1&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPKfz0yoNij-SMepSdVLVDUap-aI-15EcVYd_5d4FZae1YBYo2ucCI1FwmE-nP8wVcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPKfz0yoNij-SMepSdVLVDUap-aI-15EcVYd_5d4FZae1YBYo2ucCI1FwmE-nP8wVcg&google_hm=MzEzNjg5NjMzMjEyNjE4MTIzOA%3D%3D
Request Chain 218
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEK2PEAoroPoTXA3XaBEKx-k%26google_cver%3D1%26google_push%3DAehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6304337797325048124&exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzMDQzMzc3OTczMjUwNDgxMjQ&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5
Request Chain 221
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESENROCngTfSkyYMkh9Llvj-0&google_cver=1&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8Rw5JefHojkyhB-Vu3qwyZjRCPJLQA11aK0VYrOseyEUcpPkorka2z6mpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8Rw5JefHojkyhB-Vu3qwyZjRCPJLQA11aK0VYrOseyEUcpPkorka2z6mpE
Request Chain 224
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ2ThhPhIhQFfo-iq-0m4_M&google_cver=1&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54kdE0T7qs0bpZJfThpqqcckeefocw4wkpJa1edHzRiZ1JvuQXyoacAM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54kdE0T7qs0bpZJfThpqqcckeefocw4wkpJa1edHzRiZ1JvuQXyoacAM
Request Chain 225
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_cver=1&google_push=AehlK4BZIf-lXe8715xcgMRzYicmczTyeoGnXcqy36O_GEWeRTWK9gSPJDsmI2TJXhG2Skyf-zUz0gTv619xwZITaprgSDkgrdXIv9R1jCgX7oD09Fu7vVZXaTUThkuC1TrC0P-B63b-FJM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_hm=YxxJcsMym3xtfAffeJ0RQwAAEpAAAAAB&google_nid=index&google_push=AehlK4BZIf-lXe8715xcgMRzYicmczTyeoGnXcqy36O_GEWeRTWK9gSPJDsmI2TJXhG2Skyf-zUz0gTv619xwZITaprgSDkgrdXIv9R1jCgX7oD09Fu7vVZXaTUThkuC1TrC0P-B63b-FJM
Request Chain 226
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELVHAvzbmgqxZ4GkwXGLaN4&google_cver=1&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA48JZf9TSymDvjzKeYN7Ra4n9M68dnAkjLZeT4va1a6thGzQ_rS9KtI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA48JZf9TSymDvjzKeYN7Ra4n9M68dnAkjLZeT4va1a6thGzQ_rS9KtI&google_hm=Acmgb1h8n0iJhdiJAx4sVpE
Request Chain 227
  • https://sync.inmobi.com/gob?google_gid=CAESEKGBpyjjKJQnZIKE0w3e2Ho&google_cver=1&google_push=AehlK4AdkgdsPef6NgA1wTLw6jKMZkqyEI2MiQSY3BMpU0EUfNck-kZ1dc8CgLmtJUtVLYPWm7V0Ep8QuqT1VxqluYUSlffymElPLHhihrtuOiYLTcJGm_aAb2_e7V3MpaMuTWzO3RCwRW31 HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AdkgdsPef6NgA1wTLw6jKMZkqyEI2MiQSY3BMpU0EUfNck-kZ1dc8CgLmtJUtVLYPWm7V0Ep8QuqT1VxqluYUSlffymElPLHhihrtuOiYLTcJGm_aAb2_e7V3MpaMuTWzO3RCwRW31&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Request Chain 246
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_cver=1&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWwVJ7-00egktfWlJnEzvcMSSw7iozp7fF89BAPGXwTpwplz HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=14bf5e0e91c8200e&is_secure=true&networkId=14000&version=1&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_cver=1&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWwVJ7-00egktfWlJnEzvcMSSw7iozp7fF89BAPGXwTpwplz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJr3ZvqwTUdgMwxNv8AAAAAAA&expiration=1662884596&google_cver=1&is_secure=true&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWwVJ7-00egktfWlJnEzvcMSSw7iozp7fF89BAPGXwTpwplz
Request Chain 247
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEBN2VNwGTJWaEArLKStXZCo&google_cver=1&google_push=AehlK4ArzHKG9na78lOER8FURx7LPjZYFJfe4DJQ1sQK5iEzEbFczgEN_kDXqvGPTuuIchBWye0ZICZI-vaM_6pftIdRe8QE1J8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ArzHKG9na78lOER8FURx7LPjZYFJfe4DJQ1sQK5iEzEbFczgEN_kDXqvGPTuuIchBWye0ZICZI-vaM_6pftIdRe8QE1J8&google_hm=MTk4NTEzMzU4NjYzMzYwOTU4MA== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 248
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEMviwuqi3O1PF8mW70fFsRI&google_cver=1&google_push=AehlK4CnLrwl5z_L6DiX9PYplBViFhJRQjcbYPLvdanFKmvSE-84xufzUh_QZg1hoJ_rrUKx3pVUAXl1bQ4lnEqolgloSQg3krDT HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEMviwuqi3O1PF8mW70fFsRI&google_cver=1&google_push=AehlK4CnLrwl5z_L6DiX9PYplBViFhJRQjcbYPLvdanFKmvSE-84xufzUh_QZg1hoJ_rrUKx3pVUAXl1bQ4lnEqolgloSQg3krDT&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=24edYhF9RCe77VoeK5U6Dg
Request Chain 250
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJVtGUqlYN3Ga8DScwhYrVY&google_cver=1&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm&google_gid=CAESEJVtGUqlYN3Ga8DScwhYrVY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE3MTIzNTQ0MDc2Nzc2MjY5NzUzNw%3D%3D&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm
Request Chain 251
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEK2PEAoroPoTXA3XaBEKx-k%26google_cver%3D1%26google_push%3DAehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8502867332550102472&exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q
Request Chain 252
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC7LKCS-VKg-y73wGiIM0Y&google_cver=1&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC7LKCS-VKg-y73wGiIM0Y&google_cver=1&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA&google_hm=MTk1OEc1aXhBZ2k=&suid-set=1
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1Nzk5Nzk0NjgzNTc4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEwdar_oTK9jRxi2537-j5s&google_cver=1
Request Chain 262
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
Request Chain 280
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1---
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=09a44ca7-f1fb-44bf-bb48-0934f7c5e1fc&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525404912588158618&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Request Chain 283
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/317?gdpr=0&gdpr_consent=&us_privacy=1---&A=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%3D&uid=YxxJcleRX--WhDr2FRISFgAA%265315 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/2/317?gdpr=0&gdpr_consent=&us_privacy=1---&A=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%3D&uid=8576658518161717200 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%253D%26uid%3D%24UID
Request Chain 284
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=4b2dc87e-5abd-4bba-9846-3ffedc788cbf HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A&gdpr=0&gdpr_consent=
Request Chain 290
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7477050108822088008&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 291
  • https://match.adsrvr.org/track/cmf/openx?oxid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=9e4e4e56-cdb2-438a-ae55-90584569c230&ttd_puid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0&gdpr_consent=
Request Chain 292
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxxJc8Co5sIAAHzKLNcAAAAA
Request Chain 293
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZVSBkrv_ON0ks8ADsaW65qk8M8AAAGDJn7x6Q
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
Request Chain 300
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 301
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Drkt%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=rkt&refUrl=&vid=27981958673057997956835795000V10&ovsid=1975180289631866553
Request Chain 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
Request Chain 304
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dapx%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=apx&refUrl=&vid=27981958673057997956835795000V10&ovsid=8576658518161717200
Request Chain 305
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dopx%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=opx&refUrl=&vid=27981958673057997956835795000V10&ovsid=b011a0ca-35c6-41d1-993b-ee855c042143
Request Chain 306
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%5BRX_UUID%5D&cb=1662798196376 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4900826527 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/9e4e4e56-cdb2-438a-ae55-90584569c230 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3DRX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
Request Chain 307
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Ddxu%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Ddxu%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=dxu&refUrl=&vid=27981958673057997956835795000V10&ovsid=ESExH1nC1OwVLK5
Request Chain 309
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc9f9f6b0-0ffe-407d-8133-0592fe6e4f3e&gdpr=0&gdpr_consent=
Request Chain 310
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dzem%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=9cETBB6pVwWgohKpgykq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZMNCVIQSCGZYFM52XM5XWQS3QM54WW4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDOOJYGE4TKOBWG4ZTANJXHE4TOOJVGY4DGNJXHE2TAMBQKYYTAJTWONUWIPJTGA2TOOJZG44TKNRYGM2TOOJVGAYDAVRRGA
Request Chain 313
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=9e4e4e56-cdb2-438a-ae55-90584569c230&dongle=0cfd
Request Chain 314
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHE8Ty96hyQxo-gin92s1l0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 316
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D
Request Chain 317
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1461766602273759921036&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1461766602273759921036&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1&_expected_cookie=3ed3a142758b9ca8c8e7d8988cc31b65
Request Chain 319
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1461766602273759921036?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-na5u52BE2oQdoBguDu2iPzKCfzZeux3mK8hqGtOgCg--~A&dongle=0883
Request Chain 320
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1461766602273759921036 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1461766602273759921036&dcc=t
Request Chain 322
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=vUv5jUkfRiNXqvOnHfS4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OZKXMNLKKVVWMUTJJZMHC5SPNZEGMUZU&gdpr=0
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMC-eEttGkycP1Yg3tc2B0c&google_cver=1
Request Chain 341
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 353
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 354
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1YN-
Request Chain 355
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8576658518161717200
Request Chain 359
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4313540450 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/9e4e4e56-cdb2-438a-ae55-90584569c230 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
Request Chain 360
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737148350183
Request Chain 362
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F564%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
Request Chain 365
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
Request Chain 371
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=0QxhzdMGZ57KD2LIhlt9n4QGaMjKWjbKgVmiIVqw
Request Chain 373
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Request Chain 374
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9e4e4e56-cdb2-438a-ae55-90584569c230&gdpr=0&gdpr_consent=
Request Chain 380
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9e4e4e56-cdb2-438a-ae55-90584569c230&expiration=1665390197&gdpr=0&gdpr_consent=

395 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
www.bg3.co/a/ 		58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
35015dfe6bb2f2d529b72d4d50091713ff89f4dcf8cac73bfe1bd44f086c4060

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Sep 2022 08:23:06 GMT
ETag
"e63d-tAYvcynm/NjMZt4poPbCdgIS0EQ"
Expires
Sat, 10 Sep 2022 09:23:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72615
x-xss-protection
0
server
sffe
date
Sat, 10 Sep 2022 08:23:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d846f64d6544327b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 10 Sep 2022 08:23:07 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9656
x-xss-protection
0
server
sffe
date
Sat, 10 Sep 2022 08:23:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"acc3868951df8a41"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 10 Sep 2022 08:23:07 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
date
Sat, 10 Sep 2022 08:23:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"2854de22cf21ae71"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 10 Sep 2022 08:23:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32045
x-xss-protection
0
server
sffe
date
Sat, 10 Sep 2022 08:23:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"41e651644f1ce250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 10 Sep 2022 08:23:07 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7epyyIeAZS29GJOSItJHAKaGoep%2F1fJiYqkkdFuFLdmI1bL5%2ByMhAa2jFh0mU4oe1v2le5duMnge3uBwMEV8%2B3hDIFFOHBBxZHMzqRNqwZVm52Heprd5UdEHLQyf0p5Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7486c286cd1aa820-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
2a40d36b84112f10e6670179fd909ea322eb9c6c8586ef743584a5012724e7c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
br
last-modified
Sat, 10 Sep 2022 07:00:24 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=891
x-cf-geodata
AU
content-type
application/javascript
content-length
9534
expires
Sat, 10 Sep 2022 09:23:09 GMT
adpushup.js
cdn.adpushup.com/42753/ 		477 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
4d115fdd6bcf7131dd4555e5830422890c4fd24ae9ae1b94f52d8d5158139bf5

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:08 GMT
content-encoding
br
last-modified
Thu, 08 Sep 2022 16:46:43 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=12
x-cf-geodata
AU
content-type
application/javascript
content-length
104713
expires
Sat, 10 Sep 2022 09:23:08 GMT
6ed8b3d3a78b2ecfd234b39cd4d2d960.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6ed8b3d3a78b2ecfd234b39cd4d2d960.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab34750986ded99337c04d330ad87e55b9d6597c9f80a2ef44db86089fda607

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 04:24:56 GMT
server
cloudflare
etag
"6ED8B3D3A78B2ECFD234B39CD4D2D960"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kce7PKhHkzbCZPwzC%2F2h%2Fc5Sus4AsrK%2F%2BQN5hvu5YBX2CWiwNXX%2BfwzdWOgA9hcPqk02DtDoFhT2KUbzUI3GkapaxsF%2BY%2FBYSXGRtFLFMjA0vwvFrjw5Nl5MIP251XU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd755b1-SYD
content-length
10577
expires
Sat, 17 Sep 2022 08:23:09 GMT
cea2146c98086f2b4ba2c67e96599b3b.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cea2146c98086f2b4ba2c67e96599b3b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4e8708b7c90bec734aab7a8530cc90374bfc13a96714e3cbf4dc9583dd3392

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 17:38:13 GMT
server
cloudflare
etag
"CEA2146C98086F2B4BA2C67E96599B3B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gpATRcXVkmf0sFYFHBPq6rEJo%2BYrel72%2B3iWCyIahr5HQWLBJcDJ4jSO8VcjP3ERkg7sJouoif%2FT6yVyNAcb3yBsJWLPPDQsZvkKugqm4eQcXcsUU4kMk1HUR0pJg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd855b1-SYD
content-length
4637
expires
Sat, 17 Sep 2022 08:23:09 GMT
04bc62cac231e244f38c905580e756ef.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/04bc62cac231e244f38c905580e756ef.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
710de537d79be42c3da28884c1212209d9fa1db3a794c0fa2af3aa88b2936045

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 15:27:20 GMT
server
cloudflare
etag
"04BC62CAC231E244F38C905580E756EF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYWNu%2BMe4pUMfDZQJkft12r3o%2Fx5djxLx7E9cVqh%2FIzh%2BSFK2yBf1goPEGYRU%2BLhupU9EA3Ag6WvbJxEycmUAlx0G6nfcWMm%2FYo55pdAQPqKvY2Tfy6L5eGSH6n%2ByDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd955b1-SYD
content-length
5131
expires
Sat, 17 Sep 2022 08:23:09 GMT
c2c69663243de37b02c03760c19a881a.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c2c69663243de37b02c03760c19a881a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c5c7cc8ac359b9028446ab4d1b8a7398cf20e14b8ec873d6be0f81b3fac82d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Jun 2021 01:24:08 GMT
server
cloudflare
etag
"C2C69663243DE37B02C03760C19A881A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI0HymMykHDB58pcrD3cma8Q82KTNawsqUiDckLkCB4D6K86ARKE6OUkdoSS6AdgJxmiOD3lQgJ4U7V4meUt66Z5%2Fecyebo68UiIK1etXw%2Bv3PuxGkKLD7Y8kq5qNmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd455b1-SYD
content-length
7028
expires
Sat, 17 Sep 2022 08:23:09 GMT
bbc1b3a37344cec57dc377412860ebcd.jpg
static.bg3.co/imgs/202011/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202011/bbc1b3a37344cec57dc377412860ebcd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5cba9f6d10a0e979fae9d1514906036b4bc071ca3f07b4b9fe4d47dcf3adfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Nov 2020 15:17:17 GMT
server
cloudflare
etag
"BBC1B3A37344CEC57DC377412860EBCD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbT5Wkzq0yuO5eWUu6nOudzguh9DWvJSu0IwOQv%2BZO4LiZrAAE8QGKvEyyeR8qU6OB7Tpv7ZI7wBsvS%2F4wIxNaxMDKt7UDHPpNdwrP5rh1u5AT0zNgGcFfvxbGU5KAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd555b1-SYD
content-length
4553
expires
Sat, 17 Sep 2022 08:23:09 GMT
db43533386c7825d0c4fff38a2dc9bf0.jpg
static.bg3.co/imgs/202107/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/db43533386c7825d0c4fff38a2dc9bf0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe3d447509bcba10918feab119c9540a97c6eb498450f231903e80c9c8e5c7f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Jul 2021 01:38:37 GMT
server
cloudflare
etag
"DB43533386C7825D0C4FFF38A2DC9BF0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNqI5ydlpbX0dDjQWHvepi9U932PS5%2BMMWju8Dbx44fPjGtTy%2Bs2L47EkPNqrGZa9eRoP8Vhc4P2pdbnfdI8iaQsNcOnUk%2FhSvEppTageeHReTryQQdrKItIbAevWGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2875cd655b1-SYD
content-length
40459
expires
Sat, 17 Sep 2022 08:23:09 GMT
ac5979d5b18c822710bce5f6e0faa5ec.jpg
static.bg3.co/imgs/202109/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/ac5979d5b18c822710bce5f6e0faa5ec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6769d2dadd354b2c66c0951ad3599e7861e23aa16ada5b202a37c7e097e10a18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Sep 2021 03:30:15 GMT
server
cloudflare
etag
"AC5979D5B18C822710BCE5F6E0FAA5EC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aJgEy7hXBWX2KLtn%2F4dUkgJpJcIDnwhf0N9pj3jcnbNdvIeRt0phdBv52Z5s9vznyOWqPtcWtDp8chqyBZ%2BH6RpcGlIYkaWsPF9eT66iWOcpxvWl5PW6pGsWwLZqSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2879cf655b1-SYD
content-length
5916
expires
Sat, 17 Sep 2022 08:23:09 GMT
1c4a5e5948788e4ef60b4f7050c28eb1.jpg
static.bg3.co/imgs/202208/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202208/1c4a5e5948788e4ef60b4f7050c28eb1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6578c92b0695fc583cd02df997b4d6bd9e14e785321952a64743fbfa7eff1b04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Aug 2022 06:36:34 GMT
server
cloudflare
etag
"1C4A5E5948788E4EF60B4F7050C28EB1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWZfiKtBsdMvAVA1CqGdVmvVSNXxm6HvwanRqOy5jMCDI9g2ZHIwFVxDVD1BbgZHs232VerHgUYr6oXA7amR4UbRzcWWFicm2FSsm9LBQ6o%2B6Wh1uhm2bvf2xIGtcjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c2879cf755b1-SYD
content-length
7298
expires
Sat, 17 Sep 2022 08:23:09 GMT
ed3a49fe5176bc7cf61a70b7d5c30954.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ed3a49fe5176bc7cf61a70b7d5c30954.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2b1223b0de2adef4069686f9acaf1da6b16d55d37eae00b177a06bebf84f03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 00:26:51 GMT
server
cloudflare
etag
"ED3A49FE5176BC7CF61A70B7D5C30954"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t90GJPIuYNhWb6hyBwZCKowLJ1lm81aa67pGApPoMuKN2N%2FAQyHbeYFF0B1YULNPNjC8QFomtE%2FaySXMR0EyaTr5LRupTuk8SLeFNyocnwZozYlAgBKniCb%2BrwVF1l0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2355b1-SYD
content-length
4373
expires
Sat, 17 Sep 2022 08:23:09 GMT
55a1c2b5e04ce2386f60446e18b6ba00.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/55a1c2b5e04ce2386f60446e18b6ba00.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce795d24724e49e16344036d57d179a93183e3d0c8faf0688139cc58d35d018f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 02:16:05 GMT
server
cloudflare
etag
"55A1C2B5E04CE2386F60446E18B6BA00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pk8U6tqhA9zQ%2Bz3LWM1y5wW4iyZE7uG4d5n7Ic3AGRo6sfF%2FuL5Qf3nrbidnBWlr9JFudmIanwAEeR%2Bx2xf3YIyroHFEPfL8GYOeYMTpPlLmJsW61MAAGQmMX746Jy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2455b1-SYD
content-length
8761
expires
Sat, 17 Sep 2022 08:23:09 GMT
e595e48bb30a879c70b4898d197a3c3b.jpg
static.bg3.co/imgs/202106/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e595e48bb30a879c70b4898d197a3c3b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7956a83701dec41d13ac20c925f2c82f5b519de129ad1a399022bdee3f8121

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 04:50:32 GMT
server
cloudflare
etag
"E595E48BB30A879C70B4898D197A3C3B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enknwmQdWI5xB78qa%2F11a0apAfU2jdUj9FZ8UlUc4wh%2Bn87uIAIbvJ6z%2ByVUmDe4SicFByGZVF8d6G%2BHd5ijpdqV8MAIDr9f2LX%2FaweBsDjOHp%2Bry%2B12sqgl1Yb1kpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2555b1-SYD
content-length
9716
expires
Sat, 17 Sep 2022 08:23:09 GMT
ee28bac29d50855705daebdb1a4c3639.jpg
static.bg3.co/imgs/202106/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ee28bac29d50855705daebdb1a4c3639.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40e8992434e535b62d75d7e4b6094b82b407cc034fef81975281c39ecfb2cba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Jun 2021 06:20:24 GMT
server
cloudflare
etag
"EE28BAC29D50855705DAEBDB1A4C3639"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qGBMnA20%2Fwkc%2B1fMh6fPfTSaM2K%2F4D52MPNy69BbhSEepxRp2%2FY0E%2BzTyKMWD0EQfAEZMMLWSTQ6%2Bl6gjX28r1hBb9ovz%2Fx0mjq4xegJcQ4BTZvju61yMmqoUCU07o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2655b1-SYD
content-length
3458
expires
Sat, 17 Sep 2022 08:23:09 GMT
b92f870c6f2d7ea86ecab4a774be0559.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b92f870c6f2d7ea86ecab4a774be0559.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ded514870717c9f3f532784ab18c92ef1a9703bae7fd521f91c028d4eb2364a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 00:45:11 GMT
server
cloudflare
etag
"B92F870C6F2D7EA86ECAB4A774BE0559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr%2ByuKTLaTRkneYDxzZNlcUYLWN2ngkl6Ug1PD9mrvX9C%2FFCj1O3VBURCeGQRaJ34FlLuwsHwFgF6UJvLY%2Fxp%2FOvs63utUP%2B%2BF5oxJitETQBxQe0S59E8D6GQB3hwqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2755b1-SYD
content-length
2821
expires
Sat, 17 Sep 2022 08:23:09 GMT
2862c4a8dde0a98eae524d624321f093.jpg
static.bg3.co/imgs/202010/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202010/2862c4a8dde0a98eae524d624321f093.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968e3d44d7648e175b6b08fdc7c40ba1264fe7e1bd76027cc962d05f18c04351

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Oct 2020 18:56:19 GMT
server
cloudflare
etag
"2862C4A8DDE0A98EAE524D624321F093"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9mxHdhCl0L1rYCu8y%2Buae8M0YjcSbGNZpMOoLtNXW3MZkCDFnM%2FsXy6KbE0D6abYgMXiuI7VjSUuG4sXbTyV5sYIcsG%2BUn3sOU38x8ttpDrH4ruWAgw8TEl%2B%2FUl8p4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2855b1-SYD
content-length
5921
expires
Sat, 17 Sep 2022 08:23:09 GMT
d16dbb05d59d3004c8f1f9e2b5fb04be.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d16dbb05d59d3004c8f1f9e2b5fb04be.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e416f9c5beff9b32c1786ebeb3ac32c7c7037311a49b7a05c32cd6dc1c53208

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 04:24:34 GMT
server
cloudflare
etag
"D16DBB05D59D3004C8F1F9E2B5FB04BE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f5qtyxvGP4f62iyc5Y8UD696Y1maV3MaVETW%2B%2BzUoCTSgyO3Gcc83DVBI2%2FGYHLDS76m4PfkkezOSZR8K%2BZ2N0uXF6XTrrBYZAxww2MzOSkHN9QKAcUxFnhmfwboAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2955b1-SYD
content-length
5886
expires
Sat, 17 Sep 2022 08:23:09 GMT
29f3e17337d49b16e599f9dda08d9c0f.jpg
static.bg3.co/imgs/202106/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/29f3e17337d49b16e599f9dda08d9c0f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee2c5e2a31868cbe503c8b91d964a71e7ae6ec100753a5bc4b59f5c2a9d4c60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 08:54:30 GMT
server
cloudflare
etag
"29F3E17337D49B16E599F9DDA08D9C0F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMtE%2BQ4BpMUWXPQeqmPbMgeAb2wjDVyNb6AAGdNmoqm3p0uk2TZ8FuVv46wqeTuaBKKKMo08WG3IVFpO%2BzRELW2Zv8rIRrbWuS56T2LPDbUJkfPUgy80JSYAKI4LPYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2a55b1-SYD
content-length
4161
expires
Sat, 17 Sep 2022 08:23:09 GMT
d9edc09e6d1226a98e3f62cfb861f30f.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d9edc09e6d1226a98e3f62cfb861f30f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d2d371a727dced75538c04972ae4ed978402937763c4eb78291954fbef7322

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 13:38:33 GMT
server
cloudflare
etag
"D9EDC09E6D1226A98E3F62CFB861F30F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2hL7UiMFyyx0Twy25bH7hVyvT63SCbj7G%2Fb6C4eM4LX3nUMpmqnRZ6N2019zNz5HRm6UMX%2B4pJFly7wp79Obpexol7HAwdU8CUsR2U6xkSvvZY1ucrb8iHVkQ4qU5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2b55b1-SYD
content-length
10588
expires
Sat, 17 Sep 2022 08:23:09 GMT
9a0db0fe4dfd0540ad118e33764ed60e.jpg
static.bg3.co/imgs/202105/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9a0db0fe4dfd0540ad118e33764ed60e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f82463e9e98ffd7782b239ee71fee00103e68b4f0c27a2ce16f6c91eb1551a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 02:36:48 GMT
server
cloudflare
etag
"9A0DB0FE4DFD0540AD118E33764ED60E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMtrt42%2BX3LRSRm58EQfB1R223EIRGmIpMianaxpFlirD9eMi%2Bmx8Q95e2YCgxO0J5oHih%2B%2BKp2p77MHos8y%2B32xHhr83PmQpLerr9%2BB2aVRcoO%2Fjq88IpY5cTFHYvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7486c287fd2c55b1-SYD
content-length
15609
expires
Sat, 17 Sep 2022 08:23:09 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
306340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 19:17:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9dad1bb78ff989b7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 19:17:28 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
306115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23012
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 19:21:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c6500572c835440"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 19:21:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
996 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e0a104fbbee2e540bada9deeb913d367f345ffc77ab96ae1713d3486e2763418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
306308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 19:18:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e713e5c0fef433e3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 19:18:00 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1662798189.dop206.sj3.t,1662798189.cds207.sj3.hn,1662798189.cds046.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV9VfSJeun2%2B2T4SjTGrdEZJEmjxPGPKToaFlK16ShNbFk8Sk9JrWC0DrKVoDbTGluQTC%2BcqO7tyqQvNGUPGt8LkGNt80j49zzrDcVF09xX60KtMkUhYzAws6ugPpUminw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7486c2879e9fa820-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:09 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.16646370094358542&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.5621260056713184&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
306116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 19:21:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0872f735faca1dbc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 19:21:13 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
305454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57876
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 19:32:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"396e090561abbfd0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 19:32:15 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1662798189.dop206.sj3.t,1662798189.cds207.sj3.hn,1662798189.cds210.sj3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B85B 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
412d618519aa7bd4d923227c23cb39a16453a941d0343956ddbcc2f007589b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40164
x-xss-protection
0
server
cafe
etag
8260289957193327082
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:09 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D98A 		714 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3583
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7486c28b5ae1aadb-SYD
content-encoding
br
content-type
text/html
date
Sat, 10 Sep 2022 08:23:09 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niGkKv3BbJfdIccC33pjYqlEkGccrMrf8PWSWKAPIKgGGItC3VGtKAvpAukt%2Fpm%2BgE4Q0WLZq7P4sg5bQ32P7IqGsFC6gaicpVUaLhnNOrwim%2FF0jy7N2YqMaMEn5XlB2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:09 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7ADC 		714 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3583
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7486c28b7af2aadb-SYD
content-encoding
br
content-type
text/html
date
Sat, 10 Sep 2022 08:23:09 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKJ6YqZcGNSNqXswnSrychChFqoqyQkg3uP47GFeOicy25qLHH5i7VgSRo9%2FMNa4bKiBROBOV%2BZqv26Zux79CPNUYRdl62knd7gb66m4cfWxnIThoLZG3XEtKYlaLqu%2BIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D98A 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
a41aa6181ca08937de11eee721860701ee7e1b1d7050bd6d4350d14f29eaafef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28683
x-xss-protection
0
server
sffe
etag
"1329 / 137 of 1000 / last-modified: 1662761167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 08:23:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7ADC 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
cee9ee9c76292f7dd906f013e312ae23e92e67d93ecb66a6941d33e9e4c786f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28677
x-xss-protection
0
server
sffe
etag
"1329 / 16 of 1000 / last-modified: 1662761167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 08:23:09 GMT
gtag.json
cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/ 		2 KB
930 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Sat, 10 Sep 2022 08:23:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7eb7066936b4d634"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Sep 2023 08:23:09 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-643269229691911375.ampproject.net/2208242209000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-643269229691911375.ampproject.net/2208242209000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pb.42753.1662648504901.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
br
last-modified
Thu, 08 Sep 2022 14:48:36 GMT
server
nginx/1.18.0
etag
W/"631a00c4-5597e"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-type
application/javascript
content-length
93736
expires
Sun, 10 Sep 2023 08:23:10 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Sun, 10 Sep 2023 08:23:10 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-type
application/javascript
content-length
17440
expires
Sat, 10 Sep 2022 09:23:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
a41aa6181ca08937de11eee721860701ee7e1b1d7050bd6d4350d14f29eaafef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28683
x-xss-protection
0
server
sffe
etag
"1329 / 272 of 1000 / last-modified: 1662761167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 08:23:09 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjI3OTgxODk3MTUsInBhY2tldElkIjoiMDAwMEE3MDEtZmQ2OTY5MjMtYmZiNy00ZTRjLWExMGItMTQwNzlhYWFkYThkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjI3OTgxODk3MTYsInBhY2tldElkIjoiMDAwMEE3MDEtZmQ2OTY5MjMtYmZiNy00ZTRjLWExMGItMTQwNzlhYWFkYThkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjI3OTgxODk3MTYsInBhY2tldElkIjoiMDAwMEE3MDEtZmQ2OTY5MjMtYmZiNy00ZTRjLWExMGItMTQwNzlhYWFkYThkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjI3OTgxODk3MjEsInBhY2tldElkIjoiMDAwMEE3MDEtZmQ2OTY5MjMtYmZiNy00ZTRjLWExMGItMTQwNzlhYWFkYThkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjI3OTgxODk3MjQsInBhY2tldElkIjoiMDAwMEE3MDEtZmQ2OTY5MjMtYmZiNy00ZTRjLWExMGItMTQwNzlhYWFkYThkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1662798189730
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:09 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sat, 10 Sep 2022 09:23:09 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 11B3 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
c06bb7367188863b6c828ff2788f0b782ac995b6178fc53b92af5c75d449551b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40159
x-xss-protection
0
server
cafe
etag
6699289059182006663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:09 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame B85B 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
388c5feeadc76c0960b6635be32ef74cff2163831cba387670bd40d3595c273a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124234
x-xss-protection
0
server
cafe
etag
12751671913542466850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame 11B3 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
32a0bb127aad9a7b19061909d898721b6a4c22d4ae922ff303eeb77f1af4e118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124228
x-xss-protection
0
server
cafe
etag
13440094440735383159
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:10 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ Frame D98A 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Sep 2023 10:31:53 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ Frame 7ADC 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Sep 2023 10:31:53 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%A5%87%E7%BE%8E%E9%9F%B3%E6%A8%82%E7%AF%80%E3%80%8C%E9%9D%88%E9%AD%82%E7%9A%84%E5%8D%B0%E7%97%95%E3%80%8D%20%E3%80%80%E6%84%9F%E5%8F%97%E6%B5%AA%E6%BC%AB%E6%A8%82%E6%B4%BE%E7%9A%84%E8%B1%90%E6%B2%9B%E6%83%85%E6%84%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-UJEBkswYDI3W72Ea826CEg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3603960082905635&gjid=0.9531658392976583&_r=1&a=3513&z=0.995211760757472&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Sep 2023 10:31:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 10 Sep 2022 08:23:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0A7B 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=3786087787&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-6281013191052366428&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=2879757923&nhd=0&adx=0&ady=3109&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=372826003513&ga_cid=amp-UJEBkswYDI3W72Ea826CEg&ga_hid=3513&dt=1662798189700&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&bdt=2317&dtd=385&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:11 GMT
expires
Sat, 10 Sep 2022 08:23:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame B85B 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
6d94d8c9dda948f977ea7a029adfd90310a309ad35c866f4551d2bcdfbfc83c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame B85B 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B85B 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame B3E4
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1662798190&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-114.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
604
content-length
673
content-type
text/html
date
Sat, 10 Sep 2022 08:14:12 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-amz-cf-id
0I0tqfnGS-JO6QOdi-oqBnaaxSJtUkHlRuQr4inKoFGZGNNWZ0YB_w==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:11 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 11B3 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
fb54d3a759090684587336727e28cd7f40e3d6e896e5a133a1fbc977b381217a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 11B3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11B3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 14F2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1662798190&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-114.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
604
content-length
673
content-type
text/html
date
Sat, 10 Sep 2022 08:14:12 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-amz-cf-id
RjMpuCOmLbbZagJS550e7Uzh_uhdvcj3Zl6mWoPQvUMLhPDCBP4bgw==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:11 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
etag
"3K3nn1ChiYCKxJYFUmbsHw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 17 Sep 2022 08:23:11 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220910
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92aa39d317688eccaab953ef7fd83477e61ad957a222d6454a6fd45419d998dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19306
x-jsd-version
1.0.1458
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-scl2220028-SCL
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"666-DWs08tSmUo/obvZUfoCKYDJBJus"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUOKfPkU8SAijm3XxxR1Y%2FytE0ns1AUx5UrYaQu7%2BQbwyaIFmUbbQsgdXqnh9%2BuJSIf5pcuqWmjVOKEfJ5WDuQq04i9UtC5egLZSiHr7lvr4NY4C4eEN4x0iBPZHP%2B4x7Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7486c2954fe26a68-SYD
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=55409824829
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4946803c26c32c4e02614e061b6a4b9ba5a1008b9918314d7902527a52897b78

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
411d52d20bd61f0a87f51b784e1c7acb62721ef8c2c67e2a2840a63465e055ce

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
231fee910520b0c5cde0985cfe2d2e587cf67c42ec85ad06710fc0ade03d9a1a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=ab91f60c-3741-44c6-a0a2-58038acc8062%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=9c9c909e-4fec-4b51-a57d-86a8f53a11b8%3Bb2921b39-4a69-49e4-a16c-bfb7cf649e16%3B414b59ad-6bd1-4720-aa10-165758e2952c&l_pb_bid_id=6c52e69efe47f9%3B714960f59d01ae%3B8aea2e6fe35d12&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9765514832930817
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a6d8bdaa3aa2faef258cab77911cb0c974c1da4ad88edac570deb2320341161c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:12 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
bid-request
a.teads.tv/hb/ 		811 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26abfaab1dd7b7815b1f3b6b2a6cad15933a22aa60ebf97efdbd3120614b1e3e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
388
expires
Sat, 10 Sep 2022 08:23:12 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
cygnus
htlb.casalemedia.com/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22290b12ea926212e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22365e77053df1959%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223923a95e777785b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22407dc0f44f41a71%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab91f60c-3741-44c6-a0a2-58038acc8062%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b865c56c4ad5dcba27c8548903262a68eacdb2728a6095b31802eb54178be5b2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PniE0cLrBnokafeVlhY88y2Prk%2FuoEG8Xu78qbbIqVCnIqrAVMvFTRq05%2B1u%2FKZLTP7TJi7r2B2Ac6WXBkF%2BwNR%2FsRUveY4t5%2BLLv5SN6DlgmnW8mnceyfc4C96aCa9oKfqRIC2T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7486c2959d7ea8d1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22290b12ea926212e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223923a95e777785b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22407dc0f44f41a71%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab91f60c-3741-44c6-a0a2-58038acc8062%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b865c56c4ad5dcba27c8548903262a68eacdb2728a6095b31802eb54178be5b2

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fo0k%2Fny2PyBDY%2BumqZ1s0JplrTK9lTvx0LmCFy4ODS6SuxRAnjD%2BA3J6u4cZWDQJxQu5kSksUqUzRFv2bC6d6eDCtXzUEyJG4aeGZ4HcntWKwp5z34SAg%2F%2BomC0F8pfq3SOPV9ue"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7486c2959d7fa8d1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		29 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a47302dd-338b-4331-bfad-51da1ac30287%2C3077e993-c5ad-4f71-863d-b62549b004e5%2Cf7e1fa1c-885c-4688-bc21-31a73983eb93&nocache=1662798190708&pubcid=ab91f60c-3741-44c6-a0a2-58038acc8062&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5d139f799fc35853e39cdeb2b6ebb46eaaaebb4f356982e05dcae54363e1c994

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f55afe98-36e5-40d1-882d-6cad357020f3&nocache=1662798190708&pubcid=ab91f60c-3741-44c6-a0a2-58038acc8062&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b2a2e07e-f3e0-4ce9-bb4b-4cd51a702d22&nocache=1662798190708&pubcid=ab91f60c-3741-44c6-a0a2-58038acc8062&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fc6200d5-2e50-4410-bbbb-9ea392ce399c&nocache=1662798190708&pubcid=ab91f60c-3741-44c6-a0a2-58038acc8062&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
c
prebid.a-mo.net/a/ 		584 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6558cd4781a302e56e5d98e926705759503490a6fb4f584ffa866f301e1016de

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 08:23:10 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
content-length
300
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.108.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-108-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eb4b12c0cb69834976c26e8f915a121982bd6a72af780109a93e160b6cd1b112
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 10 Sep 2022 08:23:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
424c34c5-2f58-4fb3-9ba1-4dfd0b694215
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7236bda38594c6432df8feca8746c6bbf6d59107637ad0db83d5d9edc1c0f42d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
97
alt-svc
clear
via
1.1 google
adreq
ads.servenobid.com/ 		818 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9759
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
integrator.js
adservice.google.com.au/adsid/ Frame D98A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D98A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D98A 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4041126369643702&correlator=2642961325709992&eid=31068458&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662798190975&lmt=1644386353&dlt=1662798189396&idt=1536&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=4emhqw3okkay&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=338661063.1662798191&ga_sid=1662798191&ga_hid=2091792793&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a0b902d4a1edda7fca6456bf3452909a328b134483e2124b1c0a030fddaf499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F57 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:11 GMT
expires
Sun, 10 Sep 2023 08:23:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:43:40 GMT
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
age
2372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
a-OxupiNVaL6go6kddoRASACJQjuESFOPrASDCqPnKycOq3M-ZKfrg==
integrator.js
adservice.google.com.au/adsid/ Frame 7ADC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7ADC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7ADC 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1799735398145126&correlator=2946913947691935&eid=31069183&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662798191441&lmt=1644386353&dlt=1662798189409&idt=2022&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=oofqgci97nqu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=191003086.1662798191&ga_sid=1662798191&ga_hid=1976941614&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
0442590cffbff81278fa733c7e2924fc2a6c54b60e97883b93efca348cd0b433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:11 GMT
expires
Sun, 10 Sep 2023 08:23:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D98A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
11bf2892c1e20eca7d4e8145fcbb273d64ca8ef59bfece04a4fa0b6cd59be00b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11018
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIyODUwODRfMTY2Mjc5ODE5MTcyNiIsInVzZXJJZCI6IjQzOTk4M18xNjYyNzk4MTkxNzI2Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNjk3Nzk5XzE2NjI3OTgxOTE3MjYiLCJwYWdlUGF0aCI6IiUyRmElMkZxaS1tZWkteWluLWxlLWppZS1saW5nLWh1bi1kZS15aW4taGVuLWdhbi1zaG91LWxhbmctbWFuLWxlLXBhaS1kZS1mZW5nLXBlaS1xaW5nLWdhbi5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRnFpLW1laS15aW4tbGUtamllLWxpbmctaHVuLWRlLXlpbi1oZW4tZ2FuLXNob3UtbGFuZy1tYW4tbGUtcGFpLWRlLWZlbmctcGVpLXFpbmctZ2FuLmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoibm9QcmV2aWV3UGFnZSIsImV4cGVyaW1lbnRQYWdlIjpmYWxzZSwidGltZXN0YW1wIjoxNjYyNzk4MTkxNzI2fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcWktbWVpLXlpbi1sZS1qaWUtbGluZy1odW4tZGUteWluLWhlbi1nYW4tc2hvdS1sYW5nLW1hbi1sZS1wYWktZGUtZmVuZy1wZWktcWluZy1nYW4uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcWktbWVpLXlpbi1sZS1qaWUtbGluZy1odW4tZGUteWluLWhlbi1nYW4tc2hvdS1sYW5nLW1hbi1sZS1wYWktZGUtZmVuZy1wZWktcWluZy1nYW4uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 10 Sep 2022 08:23:12 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=225
content-type
text/html
content-length
555
expires
Sat, 10 Sep 2022 09:23:12 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B3E4 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
02f2b141a82a6933f6d5313defb25a4b63ec629e6f0b168d56612597e513f839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40162
x-xss-protection
0
server
cafe
etag
13618294711037505824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:12 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 14F2 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
26463af484843e3259660c1101556a1d547e59993f9df86eb4825fdc22c33d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40164
x-xss-protection
0
server
cafe
etag
8531886169004573151
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:12 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1830988431;fpan=1;fpa=P0-1956325324-1662798191906;pbc=ab91f60c-3741-44c6-a0a2-58038acc8062;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1662798191906;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-109.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 23:44:23 GMT
via
1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
31130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
wHKjCdY-6iX3D-KrQx2s_DR3WovQ2JErLu01LIsRjVMzRh7oXZZSkA==
pixel;r=1839270375;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html;uh=e51ed67dfb8d91dc24b15e2ace0c...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1839270375;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1956325324-1662798191906;pbc=ab91f60c-3741-44c6-a0a2-58038acc8062;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1662798191908;tzo=0;ogl=;ses=f5b37dcc-5eb8-4a02-bff0-d8607f18f856
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7ADC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
bfc8ae749acf76a865a5cf8ea6da7d9ff6247d1dc1fec1477197f3603af80f89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11087
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame B3E4 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
32a0bb127aad9a7b19061909d898721b6a4c22d4ae922ff303eeb77f1af4e118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124228
x-xss-protection
0
server
cafe
etag
13440094440735383159
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D98A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:12 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ Frame 14F2 		345 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ea04bc7caf56a05b359e082b41eab2542ff2fa0c51666607daba81fe29eccbe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124235
x-xss-protection
0
server
cafe
etag
15349041886960100909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:12 GMT
js
www.googletagmanager.com/gtag/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
071b4bd6731dcdef0932c700227624f44bf95895c613074e3eef95a24bb0a15e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74478
x-xss-protection
0
expires
Sat, 10 Sep 2022 08:23:12 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9xaS1tZWkteWluLWxlLWppZS1saW5nLWh1bi1kZS15aW4taGVuLWdhbi1zaG91LWxhbmctbWFuLWxlLXBhaS1kZS1mZW5nLXBlaS1xaW5nLWdhbi5odG1sIiwidGltZSI6MTY2Mjc5ODE5MjE2N30=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
server
nginx/1.14.0 (Ubuntu)
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7ADC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:12 GMT
integrator.js
adservice.google.com.au/adsid/ Frame B3E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B3E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C174 		32 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
2a88de3c2f922c361f8ef2dd11ed86cf766b6c3a18f9a604ba77bb6326d94aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
14733
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		77 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=119427094685228&correlator=2855585454781883&eid=31069321&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D8475fb048f1e839%26hb_ap_bidder%3Dteads%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.12%26hb_ap_adid%3D85b2eaf638a76c4%26hb_ap_bidder%3Dteads%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3De2bd7ee8e1ebbef5-2286b4c45fd6003a%3AT%3D1662798190%3ART%3D1662798190%3AS%3DALNI_MaUinBOu_X04VkgHjUpp-FS8nAsvg&gpic=UID%3D000009aa1788d601%3AT%3D1662798190%3ART%3D1662798190%3AS%3DALNI_MY7oNokjF5Zu3U1zrRu2TxNl8U5gQ&arp=1&abxe=1&dt=1662798192490&lmt=1662798192&dlt=1662798187383&idt=4034&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=603661722.1662798192&ga_sid=1662798192&ga_hid=3513&ga_fc=false&ga_cid=amp-UJEBkswYDI3W72Ea826CEg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e6c4445c817f91c6bb63c24449617a725313ca38bd562ddc5ebc3844e05f6baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25194
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 154C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:12 GMT
expires
Sun, 10 Sep 2023 08:23:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 14F2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 14F2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
adx.holmesmind.com/adx-file/20220802/ Frame C5A6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-114.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
505
content-length
801
content-type
text/html
date
Sat, 10 Sep 2022 08:14:52 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Tue, 02 Aug 2022 04:48:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-amz-cf-id
VrgapTfrznnXS0Sh2CaIjiIWym1OC4e6W4zpwi1By7CqbBtGjYI6FQ==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
KbMM.b5nTQFCq_iVT2XQPFDqHmRW1hjS
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
location
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7284
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B018 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
6f555469d4995d756df1afa3818efd83899052c9ed812daf66ebe3fa97e91ed5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QcYjo3UICih1hzzAymv3TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QcYjo3UICih1hzzAymv3TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
expires
Sat, 10 Sep 2022 08:23:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B3C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7284
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 272F 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
08f09a4d590f897f47dfc1225b7f235abb8ee7d9a2891130ef154c9e023cdae0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W1xc5XXAMQGlqIJ_WtJ3HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-W1xc5XXAMQGlqIJ_WtJ3HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
expires
Sat, 10 Sep 2022 08:23:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe970&_p=3513&cid=603661722.1662798192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1662798193&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&dt=%E5%A5%87%E7%BE%8E%E9%9F%B3%E6%A8%82%E7%AF%80%E3%80%8C%E9%9D%88%E9%AD%82%E7%9A%84%E5%8D%B0%E7%97%95%E3%80%8D%20%E3%80%80%E6%84%9F%E5%8F%97%E6%B5%AA%E6%BC%AB%E6%A8%82%E6%B4%BE%E7%9A%84%E8%B1%90%E6%B2%9B%E6%83%85%E6%84%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAAE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:12 GMT
expires
Sun, 10 Sep 2023 08:23:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:12 GMT
expires
Sun, 10 Sep 2023 08:23:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208121708000/ Frame DB38 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
358432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61526
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 04:49:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1753c5424806777"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 04:49:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame DB38 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 06 Sep 2022 17:12:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"23fb7130d171a0c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Sep 2023 17:12:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame DB38 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
288536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28840
x-xss-protection
0
server
sffe
date
Wed, 07 Sep 2022 00:14:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd6960dd2dd8774b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 00:14:17 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame DB38 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
82868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
server
sffe
date
Fri, 09 Sep 2022 09:22:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6863aa0ddd5cf3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Sep 2023 09:22:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208121708000/v0/ Frame DB38 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
484709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12954
x-xss-protection
0
server
sffe
date
Sun, 04 Sep 2022 17:44:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"008ca125395468a7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 04 Sep 2023 17:44:44 GMT
truncated
/ Frame DB38 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018bffd7f81cd614c416e15fc498214f5b3f7525cb2c6935de62cb0990d4ffda

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8219354039871549938
tpc.googlesyndication.com/simgad/ Frame DB38 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8219354039871549938?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmbiS0yhCPn_iK6tCQhwndzsbC2dg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
6cc8acd05cc0467f44ede1de8275f033c906f08c5fe77f756e74077ee88454c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33528
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 06:53:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Sep 2023 08:23:13 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB38 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 01:11:40 GMT
x-content-type-options
nosniff
server
cafe
age
25893
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sun, 11 Sep 2022 01:11:40 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB38 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 19:21:12 GMT
x-content-type-options
nosniff
server
cafe
age
46921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 10 Sep 2022 19:21:12 GMT
l
www.google.com/ads/measurement/ Frame DB38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyILb6sqJ0AsTtbH79DIvdrlnyiPbyz1ww9iT-aNB_hTRPBZgULin-ANhq1BfR6Fu7GfZvcs1x9l0diXI0Bq1OzZW8hg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame DB38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVKANcEkcY7_6JoPaz7sP5o2UmAmb1JaObP6o8LSoENfWor3AARABILqEwDNgpYCAgJABoAHhiunXAcgBAqkChr7End3YsD7gAgCoAwHIAwiqBLMCT9CIPVEAxXQzwjM1SdjtAXStPuhuT8NKPbKw9ZiEjn543rUtMhJKa3iprbAsDPXUL5NWgxk0pOmESRv-mGvmVUal8bo2fL0bxu2zg0BKIMGFmT2xojVIgaN_6ZYxsMXTqL-hzlddkgirqylhegaMYdOG-tkIe1FDR0aekvUMYgav6eBDvdLGHR5UfAxY_-uLxde_HJfC8mg4DRqd_V9ugWx9En5TT3M0gIfob-G16Bg99LBF_wsaS8dclWzOpKhshXLCf1HH_dDBvU5meERBGKWvzF9SRNfFRqowDD7m_ubEu7O5RfM1OFZV5NsziJDrHjf8AoNrcCSxSrXPqFL8QLkNrVcSBfrsnuFTJXxcaxKoXCsKZ6H7jMWSRFtMi_I2ruNGNf5-FUsmsGDz76GN2BXpNcAEyeGbyJcE4AQBkgUECAQYAZIFBAgFGASgBgKAB4f1lqgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0ZIC0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=wTjPv8UbyI0&uach_m=[UACH]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame C174 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6Z6BcEkcY-TbNtOg8wPEmoqQBqzX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgSuAU_QkYh0G6vv_S4u6Nz4bIFJk2_oNsptLizO-GwpBV0ulYx0Fybbsv3_cPUBOk-CnNHOHqswnPEN031ySAyyyAG0t0OiyeI3xH1tiTbohWF7mNsE8lsrtV9TaHqih3G4oNr7qkocC-e7deS61gCEEkBfWX-RtuZY7S86I14oobtsa3zm8WVqBjhr9Fcd0wSisqsv8pywmM7M1cFK7hvv-U4YD0OneQMJtYnmzhzsOoAG-_rsw6blhvQ5oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=2gHrHixWHe8&uach_m=[UACH]&cid=CAQSKQCsnQUxRSVxIQv26Q6K-obfkCNv6Dt4JB5kBJy336JomCF0RDeR6H1kGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 10 Sep 2022 08:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame C174 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=4.0885925E-4&viewability=-1&device_id=4&cbdp=0.011&slotVisibility=2&dn=bg3.co&acid=497c40dca8f14bb3bef0dce419605f73&ugd=4&size=336x280&pvid=4&csip=rtb-common-istio-59f7fddfbb-x2mjx.SG&ogbdp=0.02&prvReqId=39933960903501_113547844_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080807683300336028000000500&mang=1&bidrestime=1662798192985&cid=8CU3SX34C&rme=nurl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 10 Sep 2022 08:23:13 GMT
log
qsearch-a.akamaihd.net/ Frame C174 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=6.0&adtyp=0&req_id=YxxJcAAOWNEF6YftqwGKGQ&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=45.1245&exp=&fdbk_id=&second_bidder=*&search_res=87&floor_bucket=0.00&gpid_format=&seat=BID_API&size=336x280&f_seg=&prdp=0.0110&ogcbdp=0.0200&dfpbd=0.0110&server=1&ogerpm_wd_bkt=0-1&model_version=202209092227_generic_adx_1-cid_1&viewability=-0.0100&dmm_r=0.0000&cut=45&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=1.1500&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1662798192985&cc=AU&strg=harmony&ss=&current_hour=7&time_stamp=2022-09-10+08%3A23%3A12&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=unison12&dc=apac_sg&splid=&dim4=ogerpm_multiplier_used&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=497c40dca8f14bb3bef0dce419605f73&infl=flr&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2930010&dmm_m1=2022-09-10+08%3A23%3A12.987410217&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-59f7fddfbb-x2mjx.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-161.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:13 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 10 Sep 2022 08:23:13 GMT
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame DD32 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
nmedianet.js
contextual.media.net/ Frame C174 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a690612af8983b689a75a9e58497bb45a06c2c09430f8c2308366ba77e09407b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
22-dgs7
content-encoding
gzip
server
Apache
etag
"75223ecf2ceea4007a28304a3f1fdfaf"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 10 Sep 2022 08:23:14 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-8
expires
Sat, 10 Sep 2022 08:28:14 GMT
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 6B3C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame C174 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 10 Sep 2022 08:23:13 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=66439
access-control-allow-credentials
true
content-length
62892
expires
Sun, 11 Sep 2022 02:50:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame C174 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C174 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame C174 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:51:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B018 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=4041126369643702&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 272F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=1799735398145126&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DD32 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4ymAgQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6B3C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8MC2yA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A7A3 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FAAE 		68 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
95b36712b7bffac10ed074568f56edd9feb10625a19396c38ed047d16ed2c5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAAE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BexZqt6UM-bbrCfnDGhC3Yv2YKkfcUIn9_XA5JRbl2V31cwRq8YcV3pNqZvGZdic_WY98oQuE4aU6IMj1iXi1pyjVk3ocs_To9V7Og-rNGfidQn1s
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame FAAE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAAE 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame FAAE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:51:52 GMT
l
www.google.com/ads/measurement/ Frame FAAE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLT1B4uEIY_rdeRbnmu7qt58EsCkTufUg4aoov9ny0FEUsmHUgJDE038wOZObl6TnmZCDv7TNpLPjqZdCYPABg7al0rg
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F337 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame ED5D 		68 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f5d10b88f7de829571588813ed51636bfdf0e0c651362e5c5d20762cb07dfe34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30662
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED5D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeIRDz58ChnL_sWfWvRq3_73zlTefM91mcAywH06ugAzu1LS1j-PKJkRTXF52OQnJW2oKTAIK03doUCwJJh-7lTLhY6S1g5-c-Tv6QQLOsfElAM-8
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame ED5D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED5D 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame ED5D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:51:52 GMT
l
www.google.com/ads/measurement/ Frame ED5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_hK1XOzugmJl9ABRMd8bvBUcXkSEH1rdaZhM8qj_CYz-oc2WQOsRBDWUBGVcuEk8eRa751Fk4L62jaR_WmMUBAYjTig
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C5A6 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
19f633019dee3ab7f838be4c3a9480c9799ddc02fabe5ddd86a3c57f6dee645d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57401
x-xss-protection
0
server
cafe
etag
3928431244036703802
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:13 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Sep 2022 08:23:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DB38
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 10 Sep 2022 08:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame A7A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1&C=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
7486c2ab5b815575-SYD
pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO82rOxBR7FVdMRt3vferDfShiWC1%2B7B2PJvWfTDwiZ7Hu4cTO1j6olQ4V9im8EqDxA4TkzzVIGdlg81pbmilJl3TBj1wuDdk3eYI0PxdeTXGi3g2avDN2SWt%2FlCwzXLVq5wGNjF4T1ncA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuqLvkH1eFtypHKZpS7YbcuC0XGI1O1pIP0pb%2FJcPVBxI198cgOlVZLOOCJycjO%2BEQPfM9i1dN29dJCzIRNVkKODyTx1c2PaaM%2FIwhZAT3s81BBfCzAjEJbQJfS4PAtHz4C%2FPhE6EPzD2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1&C=1
cache-control
no-cache
cf-ray
7486c2a93dbca820-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A7A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxxJcleRX--WhDr2FRISFgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
7486c2ae7df05575-SYD
pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ6Mxd1%2FlIXPwqx5xr0HL12qCtS4eW5abE%2BCCOJIzW23ohsAYPGOkof1buHZ6LRiQRNM9Ojt74y2Ukl6%2Fuhb6vdfPZO%2BzXH7X7mQANWBKvQNZAxTZ5igqQrdYAbAKKhVhnUJtAZ87dptgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEONdxVO51RQYt-e_4aOhwo4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A7A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO4Fl3dxBiN1UaeGhwcLqac&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO4Fl3dxBiN1UaeGhwcLqac&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:14 GMT
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b559cefc-8303-4cd7-af4d-2b32a90b8916
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO4Fl3dxBiN1UaeGhwcLqac&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A7A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3NjY1ODUxODE2MTcxNzIwMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3NjY1ODUxODE2MTcxNzIwMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiwx-_QATAB&v=APEucNW0NALDJEVOD6qGQ8amyjsl1HaEXQlr39GMm4HBGTulhwGTuQi8-iDy8v6bKF1JTD454m9xhe3MXMdvvW53KrKAax9oDA
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:13 GMT
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
40670a22-75da-40e3-afe4-d9192ff2a516
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3NjY1ODUxODE2MTcxNzIwMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F337
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F337
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTQ1MjFhOWYtNTdiMS0yNTk1LWVmOTQtY2E1MjI0MDk3ZGZm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTQ1MjFhOWYtNTdiMS0yNTk1LWVmOTQtY2E1MjI0MDk3ZGZm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 08:23:13 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTQ1MjFhOWYtNTdiMS0yNTk1LWVmOTQtY2E1MjI0MDk3ZGZm
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame F337
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFDaRfMdTOzbnDPF4CDDxKU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFDaRfMdTOzbnDPF4CDDxKU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Protocol
H2
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 10 Sep 2022 08:23:14 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFDaRfMdTOzbnDPF4CDDxKU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F337
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmFlNDc5ZDAtODk2MS00ZTQ5LWFiYjctMTUyY2Q5NTlkMGY0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmFlNDc5ZDAtODk2MS00ZTQ5LWFiYjctMTUyY2Q5NTlkMGY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMy_WBDO5ZbtAxiuye_QATAB&v=APEucNVjzyZhNJIiyQmGVnDL8rg_cJh6OCJ33D8HOIbKxo53V6_O4ph7xesHLQXhYZDjA40I8FixkomldBD1XNlyuokFUznEcg
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmFlNDc5ZDAtODk2MS00ZTQ5LWFiYjctMTUyY2Q5NTlkMGY0
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 10 Sep 2022 08:23:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame FAAE 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 08:18:31 GMT
15072109310655081747
s0.2mdn.net/simgad/ Frame FAAE 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15072109310655081747
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
0eb3f65506e9dd4ffe7e17304a2f8172dfbfee8e377dac317eee96d4541210ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:13:56 GMT
x-content-type-options
nosniff
age
144558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117961
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 04:51:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 16:13:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame FAAE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:59:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FAAE 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdsG-PadEA0_aW9p-uAPaADxoIvCgRsF8kKrMdnuqrWj7ds4F7Qz6sl_ThJq4ax4Er8r6PI9JnRpsDGiiZbxE9f4M8xbOz9c3jGXP_kA5qhwB13ORMELwX65bqpaZD4Z7CTLJI_ujYd77SBOaS89BKo80HkuWFMPbcwyH4qPfJT6opwKDvsPNt0W7K6Gp1xqZ_JG7wYBDteGMuIF6Pgn_1zKSesfy1UXpysJmEsYU16afCSuwFGhTUg_P9fPvN6v22I56lkR6MMz5_sKPGSZarmb1M0MbNJho-UdOS7p0yIjPUGdD0PD2-21K7__8Nat1zuxI3JaGkyFOq7ZKlYwkXID4r8ddYgvUpG1xbuBsWGCCgD7I-yVJCZ4vMK39x2gqWUF3_6AtE-4rQX3AFuh6dqYui-sKxvvJJHJGeCJTss_r0Le8rLuc9M0yq8FgQ3QEHspkcGbIcjTJDSVfNhbRvdY80rAe3zDUq3fTSNG8P8nj65HqKUaeCJ1FMc-4cX6Ccnf2pu74hncfq1e9baQc7GCFvtAXPWGL1O36jtfoqRa0o_9T324r88n645zCua4CSXM_Nme4uXktnxYr686Zmp8f5_UZIYG3hM9nB6CPUGJP_IJe8OMVR-SOzhFaMPJ5Q_DWc-fx4_q9oJJhxbZdU0_z7gY1PddsRkG0d7b-J47fnudX2QXAw5CV8dOWaG735wBBWtVYWHiJuB9BhjMgJ2_RgSw7vcwzNHbby1L08liGDio2tjBfOYlbjiztS7OZco0sOlI0BstK5VCEeZHAthVfPTgYDzVqjo6Fao9ywIUYb0ITYnc-PH1AZeKwE4d5MuHb36p7eOAVQlKQYtBmRfOK4edtaVQ2hKBNnR_Lgxg3eGfC5Lz_QneWI3uHnllJY4ZF6APSaZl5MX_YOu-wkL3CVuaZqScids5_WPMomvYpVOQmpYHsR15Snc-O36X1MpxMGLjwZ6jn4xlomVu2Nl-A2opn47aYSExxQaUjv8O84sPy-sipd_pvorAspqwowPB_OENKvQGFOmP2PVzOg93IrovauC1rGHu3y1-TI0Tws2ZD8-uQOvJzVctK0jMvU_aUrGeSaZU576c0FMJ9QtZu9dq711WBFtFL4e_ImCuMUpBhcxgi5JfJAruU8k1yRH6yI1NNqKaj_Oo1OPAu5KFa4ASJcbf3fBKvwsJoEXGjVIC62YTHI9732qeIuEySrEw&sai=AMfl-YTNQFYuCYUUmBIZsEGh1ixcw6nyRKnmE-NcaYsoQ4zLVd_rjKbTd6c8ukdPw9JTKfY7KT7U-iXFqd-DFp_52F_XaXDRUUL03hUzSV5LjdRtAtLU1MojzxmTMlMlYnaZlm0MgRXARsw_8QzwtVUIRGNxEu1yJiKBuTIRpRfLiw9Fuo7WojQFEpcDbvhK-OQ7glqu5rNeQX_IQjMyEwF20-Y160s&sig=Cg0ArKJSzKmBGY0oWwSZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20220907.93771&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 10 Sep 2022 08:23:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FAAE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:40:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame C5A6 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
68ab8e9f6986b266d2e11b9e6e1720f94bde721686a3dfc3d88f04c90793e954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
6398320999790593747
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Sep 2022 08:23:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame 8F4C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
17488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 03:31:46 GMT
etag
8616628553774171045
expires
Sat, 24 Sep 2022 03:31:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame ED5D 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 08:18:31 GMT
14333434246235194825
s0.2mdn.net/simgad/ Frame ED5D 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14333434246235194825
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
1436a0a1c6a1129bbe815f0f17e403a1ccdb6017fde89933ae1e676fac48edf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 02:17:07 GMT
x-content-type-options
nosniff
age
21967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113894
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 04:51:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 02:17:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame ED5D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 07:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:59:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ED5D 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfswapFYuvFfLjMk9IBndh15vu_wb1n_FvUanBJR-tNBjUS13DaMMdbPYb7gnbJRmBCdLPNhOwC-wdE3Nm2KGeq2F6QL1NCiJXK3YzA6jwJrNGKixrSjhd4FMdjjLjUD7LKn_WmqeBUvZqjCrphRWa-1okTAqhCNZGDeGJeWMXixe7X9TZy0XXRCjcP7rOoLk3fZ6e7uvazfvS4XaOMwBrFvpp_r2NLEGutqNZHFd5ka3AWHtmK-jCmo3xsqJum-yYfPpPNenIMhkO9wZAHsOp2WA_xWYy8t7-cfAVulGC2xbnei2IFkdlR0stKxoH56YIC71J71HJcSCHt9I9ZuqcvWHjT_H2ZIg_d009ujCOUi-v2j-nzIGUnGZ7ozpuALTmGq142y642Ubuo3JJ5rY9t2a7epBnleCMI9rhpi30tUD_zrUAO0Pcu6Yj3iukK6IOnkeYWhdhaEwfb0Bvakch62NmEpahqKIKdGEk71R_PTmsc4cECRIDsv8o27ez6QoqtDKVibs6l9I-xGM0rr6HUXIjKsepGmouZTLFceip2-NihupslqdiD-a_BIKSPJkVepgZ9TkWfMtUwm3KolpwSHpstdI1FYz_vZAZ7TBXYmRtAY3GUXOuLg8ad5GrODgugEEjY6God54GWX_fAoHyvIzsurkQkG1RRBmshll2grSUt_YE4i0I9OzVUTW2Dnu_JRioYZadV7QKM3mmXCFo8Shmt95twSzkkW3mN1CrE_xGcI4FvmOK6qaCx_1pCCeTXsUIpWaACDiSbYEdaR7l93VOtKUqR9ArN6XzL-gNA_XrikgyGD3xvjeecZbh9ILBlZrg3nus0XgDYInxKJpPJeGgD1ClPhQ1BC0WsjjN7QxaE4viYYEgGUjujQ40DxeYkmyibzN4B3ZF-RE3fymd3YdqychuJZ8F_yMOQVV65Hh4BJs2Dgije4hJi9JrHvrvidD5JRROR61MmOYpoD_FB2X6JAjSQsbQrGirIq-nciynI2V19SES-UXbySGgvP-uEbd46csGX2FpkE5mdZ6i6d19rL37Flxsea0_wd8JeQAlbE66vWtrwvwDJxUroYb3wteRvSJ7lkSlqXHwi1B8LPwsxcLwdxlk6SknTq2pm9-3pHY7K-dA-w1yHReXholDGNIYVsY7RWjzPxRYmjxnlFaKOmfuOvPFCFA3pUG_l7xV10JPKmLjCzdHv3U0IUze_zH7_w&sai=AMfl-YSEP_T6iAlX1N8ymUBBAOHoU48-V9CeTBADx8gVguAyaW67_A0TB386As-ahkBadsV1yIOXn4ATU820I0qraACFYFOmGJ-q1FEoUTZHO1AvrRKBudk7QlGeYJ-y9MTiT2HPk9an3BpPb7FRLPMRJ_Y1ZhT7XxDItGbUHTaUFdTDi8v8DXQ3TFsNZAnhyjFb9dG_jYT_JNvDUuyyNdMXmHi52Dk&sig=Cg0ArKJSzKLHKVycZw0eEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.18257&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 10 Sep 2022 08:23:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ED5D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:40:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D98A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=4041126369643702&bg=!MTKlMnbNAAZTikH4c4o7ACkAdvg8Wk7WJFvScSWt06HswoVGT3F0iemn6IdYbOzynMTE4-DF8xzQkAIAAACOUgAAAAJoAQcKAG5EWldsw6fmfhDxxJnB2dKQvcBOw-sfKuro-4-HSL67eJN9t3tWv4VxIue7rGhZ4KEY8ypWFc5R7dkXsEHWokatfB0Y3-LeuAnEcQgLDUQgyutxj9L0zz8aZDhKFl8V1MK4j5avzG8mXSYnnQC0FpkCtzVjDfl2LyBHHbmzGpm2phTerjSqBCSK9DU5_4DsK9NNpkkJ4ifsbW0KH34VQupQtHTAScyCccPYt-bRzvirvq7jgafoP1lNhBv9ZT7O6VFPGEAI1Yff6f87cF1bJazyPigXL7p0gvLBd7IZmF8BRSzjbZ57SCXhSFgcicuooW6eBDgtEnVD9Hypsgk0IZSVb-YpuMATVAwJvVYwosj_xWkS-rfYM70z5F58jbj1EhpSfNVWrKa6ljDWLUaKH_Oifr8X2ers33XfDbA-dX9FXf8eu0T7v6wjuHRT1TP4M5c86QdehZ5-hRAe-9yhxz61PqFHC_OPG2UoR9m62beu3vvehNG1KAhvtjKbB_N6r0oZ5M_eWs6qW3Oib83Q-7JHUGu9I7FhzuJt3zNO8EO3gOhPqNWVbd2ChFtwjGjTw0vBtq9GP_OvVgJCvDqBl0UyAZ9ACyLGZpjWeS_ln9vCICadWtcw0NUcf6ML-Qjaf5LNF7EIHya8pg9E3We5h05Vgb8Mdz_T6vAsG7K3FP5cG1nhzOBlZClyGsWUdzxGtNKNRdlUVhTc4rYekAC86NXosYKdOz9zrV9vcA8Pty4KmgrtgsIayLXo7kECxqbHDEdyfV4owXaonLLNghh6J2HXTx4m3cH4_qb8yvHvGaxpLnoRXnVrfRwS7uLPFLDZGXbPOnfx4iUVhrOPkc2ty-CP95GhCZFjU1XuQXoHc_IgCCAtK8cl5S_ZLo72bkQDN3mOwobaxuVHT6AqTFbfXQAu4k6r0o410hxxZsiXeQsBdx6s2G65pyVWmQk_lncbu7AXUqvrkWSMARt3E82gsEwxS6d-k0rQI5xYXEOXsKiYZj5EZB2tguyWlq3zIWdwy6ZtGGfSDN4-iLerJZ1vboQZYyrFdxNhjmDcSqpRun92Nh58ngNnv73M
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7ADC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=1799735398145126&bg=!Z2SlZCDNAAZTikH4c4o7ACkAdvg8Wiz5pRM-QSEJ0UnHMY9LwFSEOf8wjZTdvpamYGjiHpKxbhiMzwIAAACMUgAAAAFoAQcKAG3TaziGZRRKd-hNV-KKjWjuQAprefjngJpL2Om-qZ2TMgKH6A2Dg4OSbp7KKWLxuaOkHyHy1jKABC27VESpkv0Sn0H1eciNL3GBDo-IxgSvSZAkmiLVDcE7zFtEjQiw3y9I_iCiBKQCPHZbACEPmQKt7_Z2KDufYqBWHPhrfYo9WWBhqNAE0Y4kxivIHEQeY-1C2K-deg5Xnd1XkXJjAdhEMoDRUounOnG2-SjG8t-SfYTpI_th8M09hqYQ2cddOg6MtKtwc1-MepJhvoGIvkybAgDXyvVLBSYDUDWA6-UnTESOnIYNWBV9ZTrHkvmG85CCM2-sYb6i0dBoWPhAa_s7ZghTGNyToxR8MNyfniUmDFuRIfnShD-6pvuCJ8vD9-MfCfhEKVDNNzBnhqdA50eUAp40L9U_u1ul_W7Qj3cCf-RHFVb4RabfrG2OuBmtvYAN7QwgTS9wUTdxAb3xcTLKs07cXRsJCWUD4KYMM4hMtZaMdxqYMuccpmxhEpJvjrD4tId_bfBgMsnlArGmzQHLazk6ozJQWdOnwCQY__1UJtQd4N5j9wbcTNNT6IMq0T89SHDYKThqFq-EEhIyXQdArAX8UyULgXc6Xruw-cAiEOWPUXbTOHU5Wbvk0oNGD4kbCBDJdYsxNj8Wo9-tOBUjac_99-EDj1Hce4brcbvQsMnttsGmlLWgVB6vhWgtGNU-YVTLB4LBjKKgjS2hLajtUiok7cfpZShtehWqOLTssr7XQLj6Dx-qlk92Pj3o9PNhiuoUeUu9T0lUUr3d3G91GzfN7Pj0iWdFPFbFTPEtYH8Io8K-DnfCsyhOO8IXfQDUIl8KZmiHAOEP4tZ4Z8G68OQhvpYSLjOuGTEWaqX41r-txQ1mUHuMmcjdEOfYCmaXVHm4OaNFMV0aD3wW1g9neq8MMDpjZ-ovnqiFDYd0QRy4WzhrA4Stea75WFtyldObam9AcUW8Y9w2ep2timB9hJNfOhWa5OJrwvFNELYbzrcsv2-of45n3YuQBqiH5IBxgpkL8KKsU9werx84Z1KwxgW9QY5gGvTo9l3fDA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3959 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
8482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5189 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 13:08:05 GMT
expires
Thu, 07 Sep 2023 13:08:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E01A 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
8482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ED5D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06584301c5b2bd55c199306a76b39a58efaafe348370265942c6ecee5ebe0cc6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A27C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
242109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 13:08:05 GMT
expires
Thu, 07 Sep 2023 13:08:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame C5A6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C5A6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D306 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194081&bpp=3&bdt=418&idt=301&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&nras=1&correlator=1336011910620&frm=8&ife=1&pv=2&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.nj8ribgm1a6b&fsb=1&dtd=319
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0972 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194085&bpp=1&bdt=421&idt=324&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1336011910620&frm=8&ife=1&pv=1&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.o6by91gtoczp&fsb=1&dtd=329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FAAE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ccb44159d19e7b63b19c59a2019adb3a661b2189b0b4d923df39d2d0b3369c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3959
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHBL9TXb3XinmYkHoRlp2So&google_cver=1&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB8E0vSg_NZgPCjxO...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7FECE5223934D0E9780D1E84F40E738&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7FECE5223934D0E9780D1E84F40E738&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB8E0vSg_NZgPCjxOKAvpr51ih9-eAQ2Mpu4_cV3h30CGtnoeEctmx2iss
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 08:23:15 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7FECE5223934D0E9780D1E84F40E738&google_push=AehlK4Dxk6Qf9BKA86NLII3EJeISmJo71a11_xDY8ozzBmJkhA0i_j90iQ7XhtjUBGIvSR7cyh0fu_VEGvBbVnB8E0vSg_NZgPCjxOKAvpr51ih9-eAQ2Mpu4_cV3h30CGtnoeEctmx2iss
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 09 Sep 2022 08:23:15 GMT
pixel
cm.g.doubleclick.net/ Frame 3959
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEP9Ad2gsO9v3ADF6KyHADIo&google_cver=1&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIi...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIiSEJgA2g9qVVrHP9jKYzMBX0G0duc-F4GACaMBk-Bz626IqamF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIiSEJgA2g9qVVrHP9jKYzMBX0G0duc-F4GACaMBk-Bz626IqamFc7-uexBYafo8OuE&google_hm=0LtNleLoSuWOHuRx0ITBVqU
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4BSvZikavMBtOqULR5dNEGL8dvBHUCjXrrroyb8Fym486bQsuMSnZFlWDNEZuBWV8W5bUaxKIiSEJgA2g9qVVrHP9jKYzMBX0G0duc-F4GACaMBk-Bz626IqamFc7-uexBYafo8OuE&google_hm=0LtNleLoSuWOHuRx0ITBVqU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame 3959
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1&google_push=AehlK4Cm6A4CdjBm7UUx-WvnEz8j55-pvEDAYtwpGUkCkld_2Swq3-993SkN2UAOEvp4d...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXh4SmM4Q281c0lBQUh6S0xOY0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1
43 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
HTTP/1.1
Server
124.146.215.4 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:16 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1","cluster_id":49,"gdpr":false,"ipv4":"173.245.209.165","key":"YxxJc8Co5sIAAHzKLNcAAAAA","privacy_sensitive":false,"uid":"YxxJc8Co5sIAAHzKLNcAAAAA","upstream_id":"m-ad123"}
X-SO-Key
YxxJc8Co5sIAAHzKLNcAAAAA
X-SO-Upstream-ID
m-ad123
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad123.dc4p.scaleout.jp
X-SO-UID
YxxJc8Co5sIAAHzKLNcAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
173.245.209.165
X-SO-Cluster-ID
49
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
10
X-SO-LB-Hostname
m-ng22.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEMFSRoYfAA7tWUhtHbuwqxA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
pix.impdesk.com/csync/ Frame 3959 		0
0
pixel
cm.g.doubleclick.net/ Frame 3959
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQp3XfGS_BbAsmB6Iah--k&google_cver=1&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJJ2XzMSvSR8RlT1ih9S3S8GPz2yacmu8kCBPfQP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJJ2XzMSvSR8RlT1ih9S3S8GPz2yacmu8kCBPfQPZoyN50uB0s&google_hm=ODgzNzY1MzM5ODk0MTc4ODQ0Nw%3D%3D
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 08:23:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4B3Z45kG6hUSKw27yCZ_AteLxMOE8wbA8q1W9GsPqxAtPZC7ZH8Vfgp_VyEtRd5zhhnp2qVQFg1jvlZacPjmd68AqJJ2XzMSvSR8RlT1ih9S3S8GPz2yacmu8kCBPfQPZoyN50uB0s&google_hm=ODgzNzY1MzM5ODk0MTc4ODQ0Nw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 3959
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMOky3x3xLb0Hy0ZmbgddK8&google_cver=1&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPK...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPKfz0yoNij-SMepSdVLVDUap-aI-15EcVYd_5d4FZae1Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPKfz0yoNij-SMepSdVLVDUap-aI-15EcVYd_5d4FZae1YBYo2ucCI1FwmE-nP8wVcg&google_hm=MzEzNjg5NjMzMjEyNjE4MTIzOA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4Dzuc9qpF_T4A519OmaMP6UdlLzVKmwFikUEuJEUBuU9bYY0cJ8AUe0IDbNDTfowoA89gidPKfz0yoNij-SMepSdVLVDUap-aI-15EcVYd_5d4FZae1YBYo2ucCI1FwmE-nP8wVcg&google_hm=MzEzNjg5NjMzMjEyNjE4MTIzOA%3D%3D
date
Sat, 10 Sep 2022 08:23:15 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3959
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YE...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEK2PEAoroPoTXA3XaBEKx-k%26google_cver%3D1%26google_push%3DAehlK4C_MtxphO-s3Lhp9b...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A6304337797325048124&exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTj...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzMDQzMzc3OTczMjUwNDgxMjQ&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzMDQzMzc3OTczMjUwNDgxMjQ&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYzMDQzMzc3OTczMjUwNDgxMjQ&google_push=AehlK4C_MtxphO-s3Lhp9bjceAMhj6C7__jORqipq2_uhfW3pmTjL8y27db2GHa0u7YJwTlidBxeF1YEZmHE7pYfHxDnHpoYEsNoOTLRzp54J3cyI6nXXb_RD9E-ULrJ2nC2jHMRHK5pLSp5
Date
Sat, 10 Sep 2022 08:23:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3959 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCbD2FSbUJtRuXk5OmqkScU30o-QRIrVAOzePBowkNmqJyLaE1EF1mZiyo87Bs4DAR9XMf8w
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 5189 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
pixel
cm.g.doubleclick.net/ Frame E01A
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESENROCngTfSkyYMkh9Llvj-0&google_cver=1&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8R...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8Rw5JefHojkyhB-Vu3qwyZjRCPJLQA11aK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8Rw5JefHojkyhB-Vu3qwyZjRCPJLQA11aK0VYrOseyEUcpPkorka2z6mpE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4Afl-Q2iLa63Z2UEnlIrc9u9_js9euGLhxgvf2x_MVBjXy6VDcOok6mciu4KujTzwkojuE8BL0qNb-MW8Rw5JefHojkyhB-Vu3qwyZjRCPJLQA11aK0VYrOseyEUcpPkorka2z6mpE
Date
Sat, 10 Sep 2022 08:23:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame E01A 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEHctOG17-A9xEmrc4bSKI78&google_cver=1&google_push=AehlK4CCUaebCp9Mk5sd2nuEsWBTpY7QA6apW9gmBPVDwyrhZV7WBWrJ7aueUoVVC5lFOYMOyDSANEcqqpJN7UxcIBYFIeCYlvklUox4Z3UHxxW9cOaOPYxOOtgEnwYeAa7e7-LeUT2YTQ
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:15 GMT
Server
Apache
Strict-Transport-Security
max-age=3600
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
adx_sync
ad.audience73.com/ Frame E01A 		0
0
pixel
cm.g.doubleclick.net/ Frame E01A
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ2ThhPhIhQFfo-iq-0m4_M&google_cver=1&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54k...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54kdE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54kdE0T7qs0bpZJfThpqqcckeefocw4wkpJa1edHzRiZ1JvuQXyoacAM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4DUp34lcSFUp6IGa6oNwgYNs2VtuL27WtV8BWP1qoOEGyB2Bf3-fDD2nbAeGqPV4O8kXecAA3RiQX2o8MI54kdE0T7qs0bpZJfThpqqcckeefocw4wkpJa1edHzRiZ1JvuQXyoacAM
Date
Sat, 10 Sep 2022 08:23:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E01A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_hm=YxxJcsMym3xtfAffeJ0RQwAAEpAAAAAB&google_nid=index&google_push=AehlK4BZIf-lXe8715xcgMRzYicmczTyeoGnX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_hm=YxxJcsMym3xtfAffeJ0RQwAAEpAAAAAB&google_nid=index&google_push=AehlK4BZIf-lXe8715xcgMRzYicmczTyeoGnXcqy36O_GEWeRTWK9gSPJDsmI2TJXhG2Skyf-zUz0gTv619xwZITaprgSDkgrdXIv9R1jCgX7oD09Fu7vVZXaTUThkuC1TrC0P-B63b-FJM
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NK4src1twyCUuKNMSxpDSmNsTNlrxx6AhOlc4YQeYTDYsV0%2BQM%2Bi%2FFAHvx4wukAM1gFTlFfX2XqCs3UVi8BFRoCLy9AfW9eVXLVQ%2Fx14BA40Eo6aOQbfGJMt%2FIDdv1lgqodeqJh%2B9CHUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKYrUww3LBRk975-rRDrbf8&google_hm=YxxJcsMym3xtfAffeJ0RQwAAEpAAAAAB&google_nid=index&google_push=AehlK4BZIf-lXe8715xcgMRzYicmczTyeoGnXcqy36O_GEWeRTWK9gSPJDsmI2TJXhG2Skyf-zUz0gTv619xwZITaprgSDkgrdXIv9R1jCgX7oD09Fu7vVZXaTUThkuC1TrC0P-B63b-FJM
cache-control
no-cache
cf-ray
7486c2ad6fc4a980-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame E01A
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELVHAvzbmgqxZ4GkwXGLaN4&google_cver=1&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA48JZf9TSymDvjzKeYN7Ra4n9M68dnAkjLZeT4va1a6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA48JZf9TSymDvjzKeYN7Ra4n9M68dnAkjLZeT4va1a6thGzQ_rS9KtI&google_hm=Acmgb1h8n0iJhdiJAx4sVpE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4AjIBecmTfjCwAT_Cu6nfiQTX5bjCQXtTpuJUvtSTN0GbiHSLQXUmCk87KHyXwk79SAKcPnHRAfdsl1EAslA48JZf9TSymDvjzKeYN7Ra4n9M68dnAkjLZeT4va1a6thGzQ_rS9KtI&google_hm=Acmgb1h8n0iJhdiJAx4sVpE
Date
Sat, 10 Sep 2022 08:23:15 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=utf-8
1.gif
id5-sync.com/c/495/0/0/ Frame E01A
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEKGBpyjjKJQnZIKE0w3e2Ho&google_cver=1&google_push=AehlK4AdkgdsPef6NgA1wTLw6jKMZkqyEI2MiQSY3BMpU0EUfNck-kZ1dc8CgLmtJUtVLYPWm7V0Ep8QuqT1VxqluYUSlffymElPLHhi...
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AdkgdsPef6NgA1wTLw6jKMZkqyEI2MiQSY3BMpU0EUfNck-kZ1dc8CgLmtJUtV...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
0
0
attr
cm.g.doubleclick.net/pixel/ Frame E01A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUtLDbjsQ5l_KYNBcy1bkxSJpl5wDbavfUZ1oQRuITH90swEq6XmyU51_oqKA-KFRpcDs7SA
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 21:48:59 GMT
server
nginx
etag
W/"630fd74b-16068"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Sep 2022 08:23:15 GMT
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame A27C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C5A6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
fa0aa1507580b2dc07a90dcbf69c0df1335349e705f103034dec02a2b66f593e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11186
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 14F2 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9cdee7f38217e316bb4f8b87da6345c7dc1901fb1f7f4af7c453fc149343afe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11098
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 11B3 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
23fbe90ffdaf3fed12fca252d15e97f25fc250b6ad99f680710e3e227b96086e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11083
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DB38 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzyC6ei40VZH1cbq28BHKXW2AKpLMPyOKt26d5lvsy0t7DFdP4DgvkSPpt_8_It8_MrSdmyNSUgjh4-pCUDwE6Q0yDEqQeslOa-_z-cyVT467q_B2W1wl4v_yhsV7H3s11VgE&sai=AMfl-YRTd1zz_qIn_OMgIaFrQx95aLQLoMcGznzWW1_BRwEiMfF1Ip-t-bb3KK4rxFQgt_aQIbtLPT66QV1tgpQX_yr6o9c0VO0O9trfYQ1fEPz-KO-cCjHx3EBSEshR&sig=Cg0ArKJSzOHGaSTI3cp0EAE&cid=CAASFeRofsxd3uiKrr3kaPKkvPu3wMh0OQ&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=639&tls=1639&g=100&h=100&tt=1639&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=4082231052
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5189 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU_vUcUkcY_KnLZDoowOvhKPIBgAAAAA4AeAEAg&bg=!j4yljMjNAAZTikH4c4o7ACkAdvg8Wt2krs32m6Q7UOR-rMwxEqd3QKL7tpt1ZLxcmN8gMYUeiDBgMwIAAABMUgAAAANoAQeZAvsJzow_JdHPem-Zbze-kIOMBAgf5VLHOiiqZJKRhk2TjMHXpKeaLc7R6GrfipkD6xU2hanP3k13XisGA7Ci6AbmvXdXHkhOPv-KVi4KVutphTdOTaqzB3CJVS5jx4-H-7nTGSdymo1l4GQF4aQSG8gk13YZVVY8xMDiuptB7BV-y9KGwmjZPmWOxNly-qWM4ynbDuPf3U8wfPaxqvweuxYG1Fh7O3m77k0s8K6NoWlCklf1s4UTt_RWajtDxZ2_VsYKLA8PYGbaTTtdecGytTWxjsMY7H9lucH8pfIQIdVemrEM8mpipzQbzUOThgqn4gwNAfg5eM5I4IZ5F44I7-phmFq_wzn7YBveOeV_1gYr9JfGVHu1PPlzvSpUvIYA7hr7v2WDq9qsys6WHLvubodN4NE44NZXVrPyLYtbnvlNH51XqwxPvfKS4YJvTBkHIQfKGcxd4fjUXG3FNDl3xUSjtDTHTO3gibQeiiYd8nqKDEFyQdorA2NFCQg_qkR1Gm7OM-abMlHnB0MNXqsJ3gqSLC-BCjDechxgSMtnApguhLdVfpIMmD65uF5KlFkYjby-7K_CdDIuSwwYwzWah1FJOHf_kUjqMyFFq5MDRQ7EPfOVzgX6HPnzdZGS7su9UUjJeuDctcvTTGK-CPRg_CottfMSInqhylkWYfU1HQ4dwXbG3bBoj591xVQev3xM-RKIMFY_LT5vScyhXi1wQO3eVbgZ58pu35tndW3HJWnSolaVXxzfLs4o9JOOPn8Pgx-XYoUkWHpbkTOXYyLpxLZJNGI6lqSjl8BzMlt4bmXg7QHIBreiqcrGBG1dJ9RGXZ-0xHSwrQ8IRhJZ2OqVZymSjx6MdIkaUG73hiM0-saI-jbYYFDYqyMboAoqbitJrFgNZURjN4UnUKrVGKJUMNj2Z9faN8OLzsbbhBkSGSDpuqo65pv3Ov0W4y4QW2WNaCIqx6b5aCE0OQmg7U46jtmiBdq0Zsa4ir_lAMhzAEVQbM53o7XznuxX9eGT
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smtr
contextual.media.net/ Frame C174 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=131738877&size=336x280&cc=AU&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1662798194405287317&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44gxaqxag&bcpf=8fOnRrolnfOur8B44gxaqxag&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0159616195t202209100823&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1866a766c47824407262904f227838a42dd3e98667b6abf7f73dd5556662fd4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 10 Sep 2022 08:23:15 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-98nd
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33660
x-sc-w
21-r4r8
bping.php
lg3.media.net/ Frame C174 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=518&&vgd_cdv=794&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&vi=1662798194405287317&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781036&r=1662798194869&requrl=https%3A%2F%2Fwww.bg3.co&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1662798194180111380&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0159616195t202209100823&vgd_pgids=1&vgd_uspa=0&hvsid=00001662798194867029185683573693&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 10 Sep 2022 08:23:14 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=16329
content-length
15
checksync.php
contextual.media.net/ Frame 69BE 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ef32f294a526645c225e15443374d0346ff1d5b32f62cf4e1e6f38f73b4a0d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 08:23:14 GMT
expires
Mon, 12 Sep 2022 08:23:14 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame C174 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4528&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YxxJcAAOWNEF6YftqwGKGQ&s_city=taipei&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.0885925E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=d5d0fd30&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=10.0&adj0=0.0&tmax=300&s_ip=173.194.171.8&adj2=0.0&adj1=0.0&feedback_id=YxxJcAAOWNEF6YftqwGKGQ&adtypes=0&mx_aabpc=0&reqid=YxxJcAAOWNEF6YftqwGKGQ&sc=AU-NSW&sd=1&mowxReqId=497c40dca8f14bb3bef0dce419605f73_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1662798192985&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-131738877-37-23&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=497c40dca8f14bb3bef0dce419605f73&actltime=17&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.011&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEFYwOrJf0T494foK9Y7-TPQ&chnl=HARMONY&pst=0&reqsize=336x280&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662798793239&lmt_status=N&reftype=0&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.011&pvdTmax=254&ltime=16.0&epc=131738877&ctr_vendor=EXCHANGE&prvReqId=39933960903501_113547844_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=21&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-556596975b-7vpdf&currsrc_date=2022-09-09+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-10+08%3A23%3A12&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_Pm9mONS3H6IQPRc54rB87yfWC6OD_ezmA24pVDQIMi1TVOjI2VUXs7957eB5TPDMpqA&dmm_ogerpm=false&csip=rtb-common-istio-59f7fddfbb-x2mjx.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D242~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022091002~iurl_b%3D71022.73~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.1~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D160%2C161~et%3D7~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022091002~vis_b%3D129.22~url_b%3D0.01~url_tvi%3D661~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3D15fBzDQfZClB5ZLgu~btd%3D242849361287764584894219095899970689414839809132097575660418305953794499168896880644~d2p_l%3D70~3pcf%3D2.89~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.84~vurl_b%3D0.12~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.7~vurl_l%3D30~CI%3D2733~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D8.55~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.85~ivurl_l%3D30~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEFYwOrJf0T494foK9Y7-TPQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0885925E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1889&sf=0&cpr=0.7112738056829837
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 10 Sep 2022 08:23:14 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 10 Sep 2022 14:23:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D85B 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
8482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C5A6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js?bust=31069448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:14 GMT
truncated
/ Frame C174 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
966f693f1a992ad027a6d62beea20d748e546d6bf7f5f87d3f4dc8763eb0cf73

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 11B3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A27C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKAL6cUkcY9u4LtSCssUPwdSGkAYAAAAAOAHgBAI&bg=!jI-lj8vNAAZTikH4c4o7ACkAdvg8WlV82stppYIqlfGygQufxX9UoU4a6nlydEV8UtqrGxtpVR8wWwIAAABJUgAAAAFoAQcKALNILlGZSHK5KxpfcoUO2cz0H5R6tUnaOt_AW5ljHoDuRZ5X6tXNtfDnZwJTd2uyukcEd5BRCDPsn-tb1jdkFAFESZBbyzV4gAx38eEwNnaVV0rlrHyOluuqkBBK4KZ6PCfP7O0HURN-CGvXIXveUHxKQ_xbmP4v0ae8qiUFjZCbSd9TUxh3XkJA2XZAIrvZPrchUR6I6ouCbbLRHVvB9Q4gER9__cjKN8qDoEctSXqGvQANe5kC2l3T71CHt4xEI4meoqixClhospv13eFqjF_tDQY7YlNPHs28R-r23oO35fG_FH_WdlrQS3uFGysXsjaH-VRcEP7S638qJmTqdmTo9qMsSG4ucMuTe_JYCzTlR2TmeD26ok3BogwZcY6yxuvsaTbipqATfBfcNhc9KoOujM9ehlyMS7xwpI8hGrAQzLgb7oE7HvN_FnLJyi_xBpwf4Px-ENW6qOq_r_HBeypagEiG0bLbrgZQ87vFsdyDPtVwYDK8o5jjKZ6jMml-9N3YrKKNBo8qcCOQDJ0qo9-kpHEEq5AJV6bVpFRL3IshugPt0GcQCnzzQ-YmIfHzfynlJv02DLhwlBb0t9p-Gi5VvUOQNddpvmuuAKJa4GuxdmtNHe51xLLt86cgYkUu4npZcYuXi3tKe7HE64hSIDxgIhOo2HHhwcI3bFxpcd05K-TK9RZIkITYEcHpBctHiF_Tg1hNAjG2QrSoHwpE_FoE1uXvtg1q7b7kRkF_1DG6RAfCYXGZ_FL6zHppjr4AMaQTHhhJfRBvpkP5nQ825PP02wPUZP_6xYJ-1h-oGCCDqYeNjaqRJdo3SkcYQQU6zqVmPC47RMTkki1vunjU24I1xwXTYVPmbDaAsFSps1vj6zkbDWPv2z99aswPw6GnN-WmQWA-lGebYQ41OHMojGsQ22cN-97BVicZaLPYbq9VoPuJKjRpoeAqiCGHP-nsJDOw_4gl_qYBV4t6i0rPjJx8Sb567oAmjHYgHNiYXaLVVX4nKt_egOZNgjldRr26kEXfj7rubfrsIGAfZQlpUgsy_d4GF7KhgwyiHnD8wE18Sbey_iu0slsp3DGx1Gc9rIundPrTNVD0X3JGeDV_UDvPWxzUsDayVHcEIAEs8lk7SXJ7i7YwSKpRhjGA_QFJDJkLJWT0GDVgNj5y4EFzDOl3s_QOLZV8pLfqnG0nnwElJtKNQPD_ZZ1snVkiTKAPjC4
Requested by
Host: a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
URL: https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 14F2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:15 GMT
pixel
cm.g.doubleclick.net/ Frame D85B
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_cver=1&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWw...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=14bf5e0e91c8200e&is_secure=true&networkId=14000&version=1&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_cver=1&google_push=AehlK4CogT3W...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJr3ZvqwTUdgMwxNv8AAAAAAA&expiration=1662884596&google_cver=1&is_secure=true&google_gid=CAESENETH25h2DhkZi63D6jfZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJr3ZvqwTUdgMwxNv8AAAAAAA&expiration=1662884596&google_cver=1&is_secure=true&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWwVJ7-00egktfWlJnEzvcMSSw7iozp7fF89BAPGXwTpwplz
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJr3ZvqwTUdgMwxNv8AAAAAAA&expiration=1662884596&google_cver=1&is_secure=true&google_gid=CAESENETH25h2DhkZi63D6jfZi4&google_push=AehlK4CogT3W81XVaefbcQBuhkeAsOixhyojvY-3G6H354JLJby5EWwVJ7-00egktfWlJnEzvcMSSw7iozp7fF89BAPGXwTpwplz
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cm
a.rfihub.com/ Frame D85B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEBN2VNwGTJWaEArLKStXZCo&google_cver=1&google_push=AehlK4ArzHKG9na78lOER8FURx7LPjZYFJfe4DJQ1sQK5iEzEbFczgEN_kDXqvGPTuuIchBWye0ZICZI-vaM_6pftIdRe8Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4ArzHKG9na78lOER8FURx7LPjZYFJfe4DJQ1sQK5iEzEbFczgEN_kDXqvGPTuuIchBWye0ZICZI-vaM_6pftIdRe8QE1J8&google_hm=MTk4NTEzMzU4...
  • https://a.rfihub.com/cm?pub=445&google_error=5
0
0
pixel
cm.g.doubleclick.net/ Frame D85B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEMviwuqi3O1PF8mW70fFsRI&google_cver=1&google_push=AehlK4CnLrwl5z_L6DiX9PYplBViFhJRQjcbYPLvdanFKmvSE-84xufzUh_QZg1hoJ_rrUKx3pV...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEMviwuqi3O1PF8mW70fFsRI&google_cver=1&google_push=AehlK4CnLrwl5z_L6DiX9PYplBViFhJRQjcbYPLvdanFKmvSE-84xufzUh_QZg1hoJ_rrUKx3pV...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=24edYhF9RCe77VoeK5U6Dg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=24edYhF9RCe77VoeK5U6Dg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=24edYhF9RCe77VoeK5U6Dg
pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
adx_sync
ad.audience73.com/ Frame D85B 		0
0
pixel
cm.g.doubleclick.net/ Frame D85B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJVtGUqlYN3Ga8DScwhYrVY&google_cver=1&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oD...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE3MTIzNTQ0MDc2Nzc2MjY5NzUzNw%3D%3D&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE3MTIzNTQ0MDc2Nzc2MjY5NzUzNw%3D%3D&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE3MTIzNTQ0MDc2Nzc2MjY5NzUzNw%3D%3D&google_push=AehlK4AQdD1h52LSS8Zzd-V_0mh8W6nYN2dB-EvtQkAFM9VYH2ieTEZ_9Sykl0JpPKblAqdjrnZjIHtgygsUi0h0XBZ1a4qM5oDm
date
Sat, 10 Sep 2022 08:23:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D85B
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEK2PEAoroPoTXA3XaBEKx-k%26google_cver%3D1%26google_push%3DAehlK4C7RIF3qRZJ2eWgR7...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8502867332550102472&exchange=193&google_gid=CAESEK2PEAoroPoTXA3XaBEKx-k&google_cver=1&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKU...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg1MDI4NjczMzI1NTAxMDI0NzI&google_push=AehlK4C7RIF3qRZJ2eWgR7VOcQOGji91ekLwji0PpdtcZGipKmKUE8TCvffXguuP4SfaW3h9aiEipPpy1iUNXnD6OGTIU4VSbvaJ9Q
Date
Sat, 10 Sep 2022 08:23:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D85B
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC7LKCS-VKg-y73wGiIM0Y&google_cver=1&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJ...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJC7LKCS-VKg-y73wGiIM0Y&google_cver=1&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA&google_hm=MTk1OEc1aXhBZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA&google_hm=MTk1OEc1aXhBZ2k=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:16 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D2xpmt7Wgewuiv6tRbhKsxXCGIS2JkE-CoR1qcdg8rLm-9pUva376220nJA_0RL86Q1qwzPUZ8gNNTVtlTi8_kDK7srCb-LA&google_hm=MTk1OEc1aXhBZ2k=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D85B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IB0dw9VuYcLkRB3thfvRhMWAF2W1KSx-7NVabCEFxFgaC3834pIbkyyDNiJuVikRCx6BQJ-Kw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BF2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FCAD 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
8b1a19fda49ce5473414582c9bfae638ea11f01ff0bece4d18145af4c7906931
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sXn2oPG-Pj14d9oDJTcBAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-sXn2oPG-Pj14d9oDJTcBAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:15 GMT
expires
Sat, 10 Sep 2022 08:23:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame ED5D 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfswapFYuvFfLjMk9IBndh15vu_wb1n_FvUanBJR-tNBjUS13DaMMdbPYb7gnbJRmBCdLPNhOwC-wdE3Nm2KGeq2F6QL1NCiJXK3YzA6jwJrNGKixrSjhd4FMdjjLjUD7LKn_WmqeBUvZqjCrphRWa-1okTAqhCNZGDeGJeWMXixe7X9TZy0XXRCjcP7rOoLk3fZ6e7uvazfvS4XaOMwBrFvpp_r2NLEGutqNZHFd5ka3AWHtmK-jCmo3xsqJum-yYfPpPNenIMhkO9wZAHsOp2WA_xWYy8t7-cfAVulGC2xbnei2IFkdlR0stKxoH56YIC71J71HJcSCHt9I9ZuqcvWHjT_H2ZIg_d009ujCOUi-v2j-nzIGUnGZ7ozpuALTmGq142y642Ubuo3JJ5rY9t2a7epBnleCMI9rhpi30tUD_zrUAO0Pcu6Yj3iukK6IOnkeYWhdhaEwfb0Bvakch62NmEpahqKIKdGEk71R_PTmsc4cECRIDsv8o27ez6QoqtDKVibs6l9I-xGM0rr6HUXIjKsepGmouZTLFceip2-NihupslqdiD-a_BIKSPJkVepgZ9TkWfMtUwm3KolpwSHpstdI1FYz_vZAZ7TBXYmRtAY3GUXOuLg8ad5GrODgugEEjY6God54GWX_fAoHyvIzsurkQkG1RRBmshll2grSUt_YE4i0I9OzVUTW2Dnu_JRioYZadV7QKM3mmXCFo8Shmt95twSzkkW3mN1CrE_xGcI4FvmOK6qaCx_1pCCeTXsUIpWaACDiSbYEdaR7l93VOtKUqR9ArN6XzL-gNA_XrikgyGD3xvjeecZbh9ILBlZrg3nus0XgDYInxKJpPJeGgD1ClPhQ1BC0WsjjN7QxaE4viYYEgGUjujQ40DxeYkmyibzN4B3ZF-RE3fymd3YdqychuJZ8F_yMOQVV65Hh4BJs2Dgije4hJi9JrHvrvidD5JRROR61MmOYpoD_FB2X6JAjSQsbQrGirIq-nciynI2V19SES-UXbySGgvP-uEbd46csGX2FpkE5mdZ6i6d19rL37Flxsea0_wd8JeQAlbE66vWtrwvwDJxUroYb3wteRvSJ7lkSlqXHwi1B8LPwsxcLwdxlk6SknTq2pm9-3pHY7K-dA-w1yHReXholDGNIYVsY7RWjzPxRYmjxnlFaKOmfuOvPFCFA3pUG_l7xV10JPKmLjCzdHv3U0IUze_zH7_w&sai=AMfl-YSEP_T6iAlX1N8ymUBBAOHoU48-V9CeTBADx8gVguAyaW67_A0TB386As-ahkBadsV1yIOXn4ATU820I0qraACFYFOmGJ-q1FEoUTZHO1AvrRKBudk7QlGeYJ-y9MTiT2HPk9an3BpPb7FRLPMRJ_Y1ZhT7XxDItGbUHTaUFdTDi8v8DXQ3TFsNZAnhyjFb9dG_jYT_JNvDUuyyNdMXmHi52Dk&sig=Cg0ArKJSzKLHKVycZw0eEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1006&vt=11&dtpt=1005&dett=2&cstd=0&cisv=r20220907.18257&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8evtrw_ERKHddzZOLN7vJ3Nd3pdVpHM2fyS0D8-RzrnB24-DcdaixrtvxzGCHSEmLPyxoZiQhCBZxDFp6XY0nXsEFjQ&cry=1&dbm_d=AKAmf-DWG7wfscyRYEDLKjNV7A3u0IExRijEgpo92zX0xNKJdKYcKtpDWkUTTc--oqu3ul5HKES9REbpJBEARjrsOLOB9V8vm6i8i4I6oiCLAN2L4uoG6_t8JPQxYj8Je95jeqmarqZDQtM7XCvj0EnmAQnjLQvi8oxDMjZ8EUI1Ts7E3qVL8wpT77ENBhk6SbUStzhoHU8hi_GyDpp9_CIoApXJhW10KCns7WGhsUcCdGS3hZLVr0yrXOoRE9OOseXoNIw4bmSB0Vss-aex1gbHBcpCL0vGNLvZKzGm5Oxm7w1jD_-gURoji8CBxMHnl7ZQSH3C-8dbsABlEGDKPXQisBt6aXeMrPSO72Zqs1MXcP1KFZ8v6ENF446KD3AijZdcCXFDEp3dxuDAB5AvQOLutr01N7Z_PqXWI1OcKk6bV5o4v3QoQZWnDADhB6BkMuFy6gbd1ZUJyMHbsvv3yomSUskFKgNmagIvUOJJxlBqck8rIhtKcBMWn8GHB0C3TD6QmL4S5iwCVaBOuymhIz_rDgw4EaFtiDr2AWWq9h5yLdGqf-pkusJ5et-cboneBLJ4EYHuoYuBqTYGCCrLDITC7PHiyVNW9gkYnpxbdQNhZpjvL998CWKhGvLzG2739jbJPWiKgC5pS0zuPuJpxvVbZnEdSFpP3wucIajRneNj0CuH67ySxrRyKyfYSFo11JyzAnsz52l6illa9nIFop_bSvkrMwmSTwFrJOXapvRMmDbx6McIdyj22kX-HTV8jfoCGvKSkzqS2vYjQw4I7T1JHbTmNAuskjLTJ3wIe_A_XehlZ9OSPhpc_DjlgvFxumSnfWrwjcHEG57jn_-985m5KM4FqcwvLfMDf4rmvcrPtpz0hRLQV_VA9B_joF4L_gJs6WqR_bc6hOGFPRd_2ajzeng2VlG07DaS-ypSQfRNFVdcdifwRKJL0VWJk56tQLYpKijSQK4hiUUMWleo44_P3e2VbgeEHrx41i4kSp_okZ3dZ1gS82iYH5LwE58gzj-ZIyL1hI7MPbhiHakuOYwKcFhz4ZD8kiYiXsJWXMeO2fgXrm8nv-DHKZOdLiCose8qYOyqq3K1AqFtQWFsBay0gxK6C-NhhT77Rc-P_88-8mb2ZWJgi8ZG-TZ1Uu1cfXAx07l8L2fsgJG40s8Q2YwWbFMByXmO44CcxrhYcxOD-qmoW8KRR-d_vobGH4-lLUHq3ln41kj_9FXxDpALkbufNv85SmtofLAdypPSRfwaEaWDN8ghIkQYPRUzPy2JMqsF6Ey775mwjFpKn1PAaSKMuo4c0hMdvKj-C5Pe7ArMh0eQ8eAJdPnXntwh0JeO9nu4lIXP6y7Kfrsu4FpnEHBM_3zjf0a-DhSajxOS5muKu3Y1Jl16S0L5XmVAbVTQAvYt2aKAS8q53y3_Cd1Z7RjIFaVxKMGVLo9lgxG7ogTNhMDcwpkiSsEpyFnCNK5nCNpMo6UWCKrm95i6mYb3QB_if0GsGUQ71UJ6S3k4ZqEn28IWRlpxGTeNCkwruiRc_vsHgqF5TnvyuWPKSE3P6dsQzfMTQh2_0i2nXXKPegOthy96_M5biQvkSm1B7cvwtYFF2o4sk1Ie1ENclzXGexlvLHsRtILLwvds1Ck97qpANyqUofMlI2K2735l30Yggkzh8_ELhl77HXg8ZDlQjkGsRPrNnBUYg11zl8iK2IExVIitjrSDbUulFWNMJOZ658M9Z-vvYi1D10yg83Hc5-53LNMJVljX4yrhym2VbqgmBAOJcFAJ-xKdtgVCqlYyKodRzpCV39VUprkjbQBcWP-5KX2NY-hCZsX9NYgIJ1U8JCURcB3Z5l-r4T9BvMm0eqUn-onMmeOvYiq-fsWGJUEKXZ8dkpAh5FD-gWTa57Poqd0mG0UwQcZ-PlQQhPb0Kv0alqQJ0lBoTviIlHthY6Ygiwi5bP-1SlTbE701hGzFyVnWIp03U1D6TDuSuSLRiPBb0LgMnKUBzJxDhVWc50noHD5_V3rd5coTdtH6J9qbDGDiGYSMeLyXf8CH-O2GYcTwxlg0q_nLBEn-YuLkuNQLWQx0hIk-7HVcXPL-agI5SyBB8gc21BAGHNi7Dz7HmGXLdvwiDy8paY_RJ59i3_z-6jv6qfvAe6-ifEzHef9vraviZrzsAcPh75QcBCd6nWjH6NpU-Ds3YaD2Et5Vi4C1KwnRLsaX8OxiCdp6G615IJc5DilmS2Ixrf4Hp1QNdfsHH-oTWybP8uUnLOEgxVjUHUaGbIwSz8fB2vGCiBoZJHpFz2xHde8K65hzdoge-lYZgs416WGQ6WLjRCZlNSM9e8-psbAac1GrekxM6UBBjzG3X5JjAPkP6z8I9BnweL47rC_K0NfcuXBDARRyki2HHqsHY3-raMEjUTKPz6rRzpLbD8ZisbuO5lmcikXS73E5WtGqOErd3l6Ce8Pc1l3wxkY0cMG9T-LMMJ6KxtdbUa9rArIEi_pbQFni1mZ69yN8eU4MB1sx0ZDhfutUjq5cYisR84KB3QhAR-dF4Xjkt8qt0O9XT1ODTrtVvJmfJ--K9bGsKcl8pCCGjWTcvSLE0LZAQzjUc_Nf2lwbtr9l1NxcfRLMPfNDcRCvENR9DL0pjGfM_Q1ro26wc0uS0cJiRfe4wDNoz3mAy-rrRB3w7CkHZ4FUiHbylKIH4YyEbPQir2sDlSuws_UjnOA_UWxP9kHsbNJuDFFc6upfgzBeX7tStzSPndecwqkiO7Ayce58mW3sK51sv95JhHxPfYKlzYXs4p8raVGWRo8nNd_46YUIYPibAy0x6alDH-I42cArz8y-VX3z2GmPXEZAjsBFs3piGRXEgj6NbITqNn3cibDdwES5yrIRrgkGzRMXvVmGc_aiSia4CevUfDwm1wVyAju2Dn1gzzV_rSBS9m6nMcdxVtRGIARJF6ZSu2H6l31vDwdd9--7FfSPzV1zrakH0654MY9tZ09XChO16DU1T_oGeTX-wMwWv-ReJPVmAZZVeYWqpqswgF4jhch0i-2qATAoYDFXO55oTetrGnPrRL_6lZGgGnnoHtAnu2mPdvOxT8Eq8huI1MbACUW2PHRdehOa0UhNM1r9aMzm51HXlBBqEKe_DwLq2GZJ5yEMVnlrtkkR92wlmJaqfCHH3piDgnIpV-1_JxaV3Yy6abyhEClSdgawkQcoO8_lBp-B-ilKDldHWPMeyqvSeJxB6UdHMgPn39eACluM-VeNMSTFy6nGFb1FDn5Gye8U6E19ZQr-vCEWS27q_Ime_pEppGmMlLZQjKeS_0w-pcX2Ff776a4M8ivkpWgyBuvmYFgVnA3GlS7GCcjiAAe0reNgO7dhJT8JS8EtsuQirAoKdnutUrbQRjBDdUKf6ox2duuDhirSgTZn9rMz&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE7A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1C66 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
564092551ff10a5e98e0afc31a9a0018e20a82a960d3dbeac96c10d8512af911
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LM6MZv5PN7qiI1hRSyAhIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-LM6MZv5PN7qiI1hRSyAhIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:15 GMT
expires
Sat, 10 Sep 2022 08:23:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB2E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9F00 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
50d836b66e850274c34e6ad7c79e99b0ae0c5f42ff380b4666c852beb3dd288e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E-eH1Mpg_6_-iMMZEYfA9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-E-eH1Mpg_6_-iMMZEYfA9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:15 GMT
expires
Sat, 10 Sep 2022 08:23:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cksync
cs.media.net/ Frame 69BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1Nzk5Nzk0NjgzNTc4NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEwdar_oTK9jRxi2537-j5s&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEwdar_oTK9jRxi2537-j5s&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:15 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEEwdar_oTK9jRxi2537-j5s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 69BE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:15 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
view
googleads4.g.doubleclick.net/pcs/ Frame FAAE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdsG-PadEA0_aW9p-uAPaADxoIvCgRsF8kKrMdnuqrWj7ds4F7Qz6sl_ThJq4ax4Er8r6PI9JnRpsDGiiZbxE9f4M8xbOz9c3jGXP_kA5qhwB13ORMELwX65bqpaZD4Z7CTLJI_ujYd77SBOaS89BKo80HkuWFMPbcwyH4qPfJT6opwKDvsPNt0W7K6Gp1xqZ_JG7wYBDteGMuIF6Pgn_1zKSesfy1UXpysJmEsYU16afCSuwFGhTUg_P9fPvN6v22I56lkR6MMz5_sKPGSZarmb1M0MbNJho-UdOS7p0yIjPUGdD0PD2-21K7__8Nat1zuxI3JaGkyFOq7ZKlYwkXID4r8ddYgvUpG1xbuBsWGCCgD7I-yVJCZ4vMK39x2gqWUF3_6AtE-4rQX3AFuh6dqYui-sKxvvJJHJGeCJTss_r0Le8rLuc9M0yq8FgQ3QEHspkcGbIcjTJDSVfNhbRvdY80rAe3zDUq3fTSNG8P8nj65HqKUaeCJ1FMc-4cX6Ccnf2pu74hncfq1e9baQc7GCFvtAXPWGL1O36jtfoqRa0o_9T324r88n645zCua4CSXM_Nme4uXktnxYr686Zmp8f5_UZIYG3hM9nB6CPUGJP_IJe8OMVR-SOzhFaMPJ5Q_DWc-fx4_q9oJJhxbZdU0_z7gY1PddsRkG0d7b-J47fnudX2QXAw5CV8dOWaG735wBBWtVYWHiJuB9BhjMgJ2_RgSw7vcwzNHbby1L08liGDio2tjBfOYlbjiztS7OZco0sOlI0BstK5VCEeZHAthVfPTgYDzVqjo6Fao9ywIUYb0ITYnc-PH1AZeKwE4d5MuHb36p7eOAVQlKQYtBmRfOK4edtaVQ2hKBNnR_Lgxg3eGfC5Lz_QneWI3uHnllJY4ZF6APSaZl5MX_YOu-wkL3CVuaZqScids5_WPMomvYpVOQmpYHsR15Snc-O36X1MpxMGLjwZ6jn4xlomVu2Nl-A2opn47aYSExxQaUjv8O84sPy-sipd_pvorAspqwowPB_OENKvQGFOmP2PVzOg93IrovauC1rGHu3y1-TI0Tws2ZD8-uQOvJzVctK0jMvU_aUrGeSaZU576c0FMJ9QtZu9dq711WBFtFL4e_ImCuMUpBhcxgi5JfJAruU8k1yRH6yI1NNqKaj_Oo1OPAu5KFa4ASJcbf3fBKvwsJoEXGjVIC62YTHI9732qeIuEySrEw&sai=AMfl-YTNQFYuCYUUmBIZsEGh1ixcw6nyRKnmE-NcaYsoQ4zLVd_rjKbTd6c8ukdPw9JTKfY7KT7U-iXFqd-DFp_52F_XaXDRUUL03hUzSV5LjdRtAtLU1MojzxmTMlMlYnaZlm0MgRXARsw_8QzwtVUIRGNxEu1yJiKBuTIRpRfLiw9Fuo7WojQFEpcDbvhK-OQ7glqu5rNeQX_IQjMyEwF20-Y160s&sig=Cg0ArKJSzKmBGY0oWwSZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1262&vt=11&dtpt=1260&dett=2&cstd=1&cisv=r20220907.93771&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAGeRltZCQ2h2o8WjYQBwwjlAnUdjCsn_qAZL9YXSZtyN82Xt-qJ9wX2HqzH2zjBnmBsi9wqL9RRGxXy5PeQnM4gf63A&cry=1&dbm_d=AKAmf-Bqey4ufO7ozakeoaYnLAmGmHM4yrmro_bkvPNZGtdVXyJoyR9wDFvr6DdA8Q60IUj5vAzmD4CVbfXV0Z7wOr8KVXVvMagmnLNM2mSu141icQHvpLnVSta59VBnm2UHd0kDuiavBZSNaE6g1xPrJPAtbVz4D_tTemZ9K5uBH29COPf94CAhVcMv8o8Z6LRm4KTjsVC3KZrlKNMasu_tZyA1lsw9-vF3_AO-JJQPXRTl4om6jYxgrCFDMbrpgz9-LkrWYo01fEIr1bFB1P4Jx2YhZSU9OXyxbGOYFrsVrNv_2l4DV_N-BDIYtJZvU2wEvpamDE0a9D9jrVIMuYqIoLBXLxE4nUB6epqcylMuVkOx3yii1rbyUA5Hy5xofpggQpaYU2Ls_655peg36PZh0rml3_ZxlTep7hCH2zMs1vaToeNiKxOAan_kmgfkrrvl02AvYcxdgrs6K_Zdaml-4BO6kb8h7ShZrzETIn5Sl_sMXjJsHLYi4AMmTip5-SZE72T4EVkgDLaaHd-H1_1jCb7F_4VPDGMtc5oh4Wk9x9mOXHpi7paeyxQHLxc1e-ramR1vYAH9pwk0wsCc3QgJ1ggl49dEuy3h5kNm_wsOjcQb0wJMNXAZTBlk-0bW4rUFk6_5114QFoDu3bGj_xG4ykJ9zqhN-HlC7ekOYV1O8XwuN9OMeJMa5_xhlCElQX0ORyJMYd5k80ZCOO8ysm8-cGf3q4Mbo0Xz_O3teL0dvHrA9LU6DyqaDjijP-0hd0rOJ_aVtYuNJmTxsFfGT-7NbH9HJ0RV3Q8dNftVyarEBCeoehG_a9XE2yhB7JeG5EQner9GdUGPH7_kBA_Yrb13MU9BbjDT1M_tMbhAOEy9KnPqO1TL9i5O0aGmOqlN7dj5Qk0AsvYqXvQLqeGVko6ZLj8lsjBd251k92dpYGrckyMnbayhafZ41KU-pdmGUcoIw5Vp8xEqGDfn3-Dq5nI3k4W8894TSNDJ4RKpPx_GTOBn92oi822dojGeQgMhYQ9lUjTfyMk795FXUycut4wmwgbAw1zrVqJoB5OGJmtt_raHFpfccXrmq7dTQOUA3_cHADUHPDrMf0oSZul2qhTjAQHU56vD3Fi2Q9pe8WVHkLeBSfDwM7zq_QPwg3dgyUEsjHUcgUAq04vm0P4pyJtv5pjICwGRFs7jl_tiX1hPX_RnZNqIsEOjrADWwaCc_HlgLKh3BzPqOHzjJZibEF7cN0jiXp0LfWrTmRgpP9Oq98h9o5pFHV1QOJxnJ3HNmEbrvgPsT71ozqpxWrtYatRJnbFgeil41CnhZTgHJxe1QOUqd0wW5tVPSz7UyZH-U4C-FkXNOZiOC6LY2H9T7i_FOlrtyWQb3vbnGA_g6rEmGXZxK47G1xM_4CnJEq86WOioeUhjqRXDAVy2pIGfVKXQzBsYH6Ajvrh7hUw_ASK_HfB9nqQHXeUeuE9N2YpAtVrVA4zB5jRdzK3nNK2faFtj79vltcOkLYNmnesqZNSXq3uZg6hlfPZZXVlY39EA60cmD8AD5_Syk0EZP4M7fJdGJKT8iKxkK7u4SMsLfT0-HthZSFhDl3xR_eRF3jNb_fUKC9eFA-Mf0C38QNRZTJMv_NEVADDwEcFKO8VrNd7tz9TVwrA9gQSRYiGYQGb6bo84K3hkHrdnAeYBWsADvHIFyD047lJEdRZQYl0iLGx92NF86YDIaCjse3vVFMqAoDDRCnZKub-MyiI_a8nRcueebHBZBPy71t6RZc3Z7cemDLUVljvTWOUamgAoOec6kDtl7Bsbw0zqqdiBz-0U2i_Rj8cx4aPb7SbvT4qAFaZ-_sL9q5GPlIvRwopLHEvO5UjA6puE3N7-fnGq3a5UYKDk_3k3G8vwlsLRfra-Sz_iMzFXltIOIG7w2xWEROUk97sYLIn4tUfp4xVBGMy7wAcuCRpkjPIhKnlROjP5eFYDJ1RGZtWYbDS_zeYotwkGbFslug5eiNQXuDlIA0tWs992b9XEzT_VVoz5vtguvz6timtET4Gsaxd66SiMGmy5jxl31WDg34Gx1lnvJioi_hGtWX0be2n3esM885RNRlvylQD_66M8Nrl66XYfUDlxMwLab22jnfafTmc-zY-1RG6ChnxyeSt8pCw8CBWPeX5XlkD2rnslrlwB-5McTIFps5okw77EF1ajR9_FUVrRdB4pNE2j5OOb5nq-LtT-qOUgFKEPHfJojP3F4o31hNv9cx-amg_niGv5hfAEzjVChfO-3eoXI6EzVz4lY-28HTQLx5nw5TKSj6jFwJNYP37Qs9QTlAOJe5wGeMeUyWGZcrPKi1q8BOW2H3QNcfPJmtdoJf7QD9FJZeAKVAZ7cN0-C7rfUMnQ-cuIlhfJhhdvOdp_Rk6fCBs2fGk-y9eRN7ATudwYD5gu8kM3SFzisWDe5sV-baMVu376Z3FUoiQQxjWyg27zWRqnNYx2G242EG-bN1Wi3uLN3eLLUqQgrOMbB9xBFZTCG3Dj4LUj09A8c8MC01A9RNEhDHVyIYQ7QyYboxMTae5fHddHVBLyf9-G7tXXF_ntL-RBLiTd_UE0cv3fri6cA6S11m7y68vck6rK-MkguyA7v0WtW4ZVcgtfdi7CQ0_rmykOd-3NkrLnW-SM6ZPQnDlt4vEEeKIq-05GQjV5slQ0Tjk8ViiCcJwSlWfmdXQL4HFGiG-u7VT1vNi8cwJ-NhO3gFtOxNrT8KlRR124mtIxBH5OgrPmMDJiTEzc6dm-vfS9STB-w3EO4ocCIW5wvYSTO6MhtWLVC7mOl2jJ-cDDUH7NuHIGsGU_Hl479sswlEeQL76f8F-ZapwlKLjEmNjpQckdLhLr_vep9XJfQN88v_B4CeJqTJVYbtOXW9DPNhwT15V5hv_CYkM5SRtkXoW801gwCLa3LeyKcyXJKhoSEgY-R1P7R56HS8dqtHlGyFNDtBeoEWT-e8Naen_tXX1NVdH6JDFhjKxyIiDN3jMQdDMmqWeAU2W-ktKbZygHBeBoDk4OEm_eaApRf8g0exzEDKglmXFRLgXgDAh8RYRiMt0FqlS-W0dh0FW80T1w91E-0e86xh0Ejfh1q6PZKun8iZ7CpVhOfDIlvLCzYvzobR6LJwcIhfLVaUTbg5fwP5XTEoZBA65u2et3c0PIgjVnr2GcAUY6cnrWvx_8vFpIcGN4CgE4EYQoG4iwVRPPWG7CryXNxu4PMfwaaJCn2TAkA_a79h6JFYNzFv9c-9eRw1Bl-USnZ_Ni3BfYqCORPK86DiuHNtkUi7vLqp4VuvXle_1VyShE-SHaL-HfdLZAtIIajWp9E9Po6SVwipP_amPLv8dFh68SpaHakWvOpdz8PXNoTtmTL44bwznkj_6MiMQ&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame FCAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=1759535697485998&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 3BF2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=2407276506492534&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame EE7A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=2270844468798228&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame DB2E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 10 Sep 2022 08:23:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
226235
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		326 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
546cd5b9641829cffba32680801c7ac253b12ce744ebb40e4e07da815942554c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
697415
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
486ae9b783fdf48074594dce4b5708846ac766dce55f8bcc7546aa84e4523a4a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 10 Oct 2022 08:23:16 GMT
usync.html
eus.rubiconproject.com/ Frame 5204 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 08:23:16 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame DE7F 		532 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
88b5f7001eebda1f83264bf25784cb637532cc835f328e9465a2113a4744b7a7

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 10 Sep 2022 08:23:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7CA5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
13508
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 10 Sep 2022 08:23:15 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 20177
X-Served-By
cache-lga21953-LGA, cache-syd10125-SYD
X-Timer
S1662798196.742911,VS0,VE0
checksync.php
contextual.media.net/ Frame 5C08 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e8c1c4efe9cfb7153f0fce2f6217d65521daeceb0c4c8c42c20c018f10e4ea8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 08:23:15 GMT
expires
Mon, 12 Sep 2022 08:23:15 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 30BC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 08:23:16 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8225 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662798191280
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame D2CC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.7 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
4053
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 10 Sep 2022 07:15:44 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f1f5d974f7fdb5d7a316f8977e43daae.cloudfront.net (CloudFront)
x-amz-cf-id
ElrJplMxsKHO6jfOCAKcWcFiQQq1NEX_XwZnJ3MuoMssf34lWJRZTA==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame B95F
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
e06b3a957380d49aeade8c04d425aabd8aa9690b1e7d9803d4f0a6a85f76916b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Sat, 10 Sep 2022 08:23:15 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 10 Sep 2022 08:23:15 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1---
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=09a44ca7-f1fb-44bf-bb48-0934f7c5e1fc&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525404912588158618&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
0
0
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D...
  • https://prebid.a-mo.net/cchain/0/317?gdpr=0&gdpr_consent=&us_privacy=1---&A=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnV...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%26bidder%3Dappnexus%26cbx%3D...
  • https://prebid.a-mo.net/cchain/2/317?gdpr=0&gdpr_consent=&us_privacy=1---&A=4b2dc87e-5abd-4bba-9846-3ffedc788cbf&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVp...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc...
0
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=4b2dc87e-5abd-4bba-9846-3ffedc788cbf
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A&gdpr=0&gdpr_consent=
date
Sat, 10 Sep 2022 08:23:16 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame 4FD7 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4FD7 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4FD7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 3BF2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eNV9fw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bql.php
lg3.media.net/ Frame 4FD7 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5421&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxnRtITqI8ADJ42z0GtDV69dZ8tYZnJvoQd3_DDzYqNheSNemzNxw-NS-sztxHtPauYEO8X3xYYhPFCCAZPdC99E_8Bhh3OX4G5WjOhWAoQ-t&cme=KNo4cmrMJHTf256YdBNh9sPpY4JSchcxjVDFOp8_tmfXh86p0x_CXjS1Rtt-WlAHFVvNiBmypCfeNl2yCJLhDCnavW4UtqR7cdehCkRYszWnTCRae5ySKWKzs9caWdspIXMgp2nBCpz6pqqzgubApdaHQ5RtetpdwAHWqkZP_emI8f-TFmkXvSkcmg-OjDR6ojMTIMyTyQPBH-fkyGwmrQ%3D%3D%7C%7C5km1I4o2OiZf0XNu18J7tIJCMFEp-lDsTewV5cLrdNtSVODq0KjC_NxEFNhpJHlhanggg99_tFLBo6o1EBZBhK7b4d5jipP9sioN-eqrSC2RlQmDubQJKpCK_BCqtu3M54jmoHSxo68ZQv-F4Nm5f4gOBDIM7ZyKnqz_cxFeElUQoql_IsACclRTjBGpi7zZ7DC5ghppjvvCYLmdPyXeEs-pxh_URCYGG4mpWedKX5dA5EmnRec0XA%3D%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=7&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721356&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=48970281&kbc2[]=0%7C1%3D0.67%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.30%7C62%3D1.38%7C10%3D4.84%7C60%3D0.69%7C66%3D0.98%7C63%3D0.31%7Cps%3D1.008%7C3%3D0.51%7C4%3D5.00&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Script+Font+Generator&kwt[]=265&kbc[]=48855&kwp[]=2&kid[]=280915159&kbc2[]=1%3D0.65%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.48%7C62%3D0.58%7C10%3D4.84%7C60%3D0.75%7C66%3D0.98%7C63%3D0.31%7Cps%3D0.626%7C3%3D0.14%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Script+Font+Generator&kwd[]=A+Business+Proposal&kwt[]=265&kbc[]=21982&kwp[]=3&kid[]=4603988&kbc2[]=1%3D1.44%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D1.45%7C62%3D1.07%7C10%3D4.84%7C60%3D1.44%7C66%3D0.98%7C63%3D0.31%7Cps%3D0.626%7C3%3D0.22%7C4%3D1.65&ktd[]=274911592704&ktrkt[]=A+Business+Proposal&kwd[]=Large+Alphabet+Stencils&kwt[]=265&kbc[]=40024&kwp[]=4&kid[]=17063637&kbc2[]=1%3D0.06%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.42%7C62%3D0.51%7C10%3D4.84%7C60%3D0.06%7C66%3D0.98%7C63%3D0.31%7Cps%3D0.626%7C3%3D0.10%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Large+Alphabet+Stencils&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=340189069&kbc2[]=1%3D1.11%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.46%7C62%3D1.36%7C10%3D4.84%7C60%3D1.11%7C66%3D0.98%7C63%3D0.31%7Cps%3D0.528%7C3%3D1.47%7C4%3D5.00&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&kwd[]=Handwriting+Practice+Worksheets&kwt[]=265&kbc[]=40024&kwp[]=6&kid[]=13239366&kbc2[]=1%3D0.17%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.54%7C62%3D1.16%7C10%3D4.84%7C60%3D0.17%7C66%3D0.98%7C63%3D0.31%7Cps%3D0.626%7C3%3D0.04%7C4%3D1.65&ktd[]=274894815488&ktrkt[]=Handwriting+Practice+Worksheets&cid=8CUABW64L&vwid=1662798194405287317&vi=1662798194405287317&tdAdd[]=ib%3D0&vsid=3057997956835795&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=794&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721356&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POHZR87R&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1662798194180111380&sttm=1662798194867&upk=1662798195.24736&hvsid=00001662798194867029185683573693&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_ecrid=1700080807683300336028000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3057997956835795&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvfHf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9iu99f~8xLjMGvhu9ff.hA~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.u~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vuF9%2CuFu~J7vh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9iu99f~e8QMGvufi.ff~xLjMGv9.9u~xLjM7e8vFFu~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvihAAXAiu1Fh1hfii9HuW9iXWH99GHhh1~QOvu~x8OvuXkRlrgk2%3DjRX2Tyx~G7OvfHfWHiAFufWhhFHXWHWiHfui9iXWiiih9FWiHuHWAiW9iuAf9ihXhXFF9HuWA9XiXAhiHHiiuFWWiFWW9FHH~OfEMjvh9~AENkvf.Wi~x8Yv9~myMYQwv9.9u~OYYMQ7Lyvw1LYmz5~OfEMGv9.Wi~myOfEMGv9.WH~exLjMGv9.uf~QQvIK~x8Bvou~NJv9~LEQMGvff.h~exLjMjvA9~%3DVvfhAA~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvW.XX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.WX~8exLjMjvA9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9uu~OYYvw1LYmz5~Qx8Ov%3DK4b4s3BaL6k9_HiHkmCi3ho_0g~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvxz8Qmzuf~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvH.9WWXifX4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXH&vgd_optout=0&vgd_cfud=220407&vgd_scsver=306&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001662798194867029185683573693&subBdr=186&bdrid=4&rc=0&rand=1662798195629&acid=497c40dca8f14bb3bef0dce419605f73&matm=1662798195629&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=2379&vgd_rtime=2359&vgd_etm=12&vgd_l1hcsd=Sdgs7%7C5993&vgd_l1ch=1&vgd_lhl=2768&vgd_pgid=p0159616195t202209100823&vgd_adprefflag=11&vgd_csip=rtb-common-istio-59f7fddfbb-x2mjx.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 10 Sep 2022 08:23:15 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=17877
content-length
15
sd
us-u.openx.net/w/1.0/ Frame DE7F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7477050108822088008&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7477050108822088008&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7477050108822088008&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame DE7F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=9e4e4e56-cdb2-438a-ae55-90584569c230&ttd_puid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9e4e4e56-cdb2-438a-ae55-90584569c230&ttd_puid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9e4e4e56-cdb2-438a-ae55-90584569c230&ttd_puid=783dc955-9ec6-7b31-fa74-90ebeeebb39f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame DE7F
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxxJc8Co5sIAAHzKLNcAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxxJc8Co5sIAAHzKLNcAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 10 Sep 2022 08:23:15 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":49,"gdpr":false,"ipv4":"173.245.209.165","key":"YxxJc8Co5sIAAHzKLNcAAAAA","privacy_sensitive":false,"uid":"YxxJc8Co5sIAAHzKLNcAAAAA","upstream_id":"m-ad123"}
X-SO-Key
YxxJc8Co5sIAAHzKLNcAAAAA
X-SO-Upstream-ID
m-ad123
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad123.dc4p.scaleout.jp
X-SO-UID
YxxJc8Co5sIAAHzKLNcAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.165
X-SO-Cluster-ID
49
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxxJc8Co5sIAAHzKLNcAAAAA
Cache-Control
private
X-SO-Ads-Time
6
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame DE7F
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZVSBkrv_ON0ks8ADsaW65qk8M8AAAGDJn7x6Q
0
0
pixel
cm.g.doubleclick.net/ Frame DE7F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTQ1MjFhOWYtNTdiMS0yNTk1LWVmOTQtY2E1MjI0MDk3ZGZm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DE7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkKv0okHYYlLhNADXCmLXw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EE7A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7ioVaA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame DB2E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BFe5-w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync
ib.adnxs.com/ Frame 7CA5 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:15 GMT
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ee0f7e5a-6a7b-4a76-b378-9d5ac333752e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame 5C08 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
319600
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame 018B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 08:23:16 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 10 Sep 2022 08:23:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 604C
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Drkt%26refUrl%3D%26vid%3D279819586730579979568357950...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=rkt&refUrl=&vid=27981958673057997956835795000V10&ovsid=1975180289631866553
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=rkt&refUrl=&vid=27981958673057997956835795000V10&ovsid=1975180289631866553
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sat, 10 Sep 2022 08:23:16 GMT
expires
Sat, 10 Sep 2022 08:23:16 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 10 Sep 2022 08:23:16 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=rkt&refUrl=&vid=27981958673057997956835795000V10&ovsid=1975180289631866553
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync
cs.media.net/ Frame 5C08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=9e4e4e56-cdb2-438a-ae55-90584569c230
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FE29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dpba%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25583
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 08:23:16 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 10 Sep 2022 15:29:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 5C08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dapx%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=apx&refUrl=&vid=27981958673057997956835795000V10&ovsid=8576658518161717200
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=apx&refUrl=&vid=27981958673057997956835795000V10&ovsid=8576658518161717200
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 10 Sep 2022 08:23:16 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:16 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:16 GMT
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ceb50d4e-9b9c-4553-93c0-bb40042fa60d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=apx&refUrl=&vid=27981958673057997956835795000V10&ovsid=8576658518161717200
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 5C08
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3057997956835795...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=opx&refUrl=&vid=27981958673057997956835795000V10&ovsid=b011a0ca-35c6-41d1-993b-ee855c042143
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=opx&refUrl=&vid=27981958673057997956835795000V10&ovsid=b011a0ca-35c6-41d1-993b-ee855c042143
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 10 Sep 2022 08:23:16 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:16 GMT

Redirect headers

date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3057997956835795000V10&type=opx&refUrl=&vid=27981958673057997956835795000V10&ovsid=b011a0ca-35c6-41d1-993b-ee855c042143
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
sync.targeting.unrulymedia.com/csync/ Frame 5C08
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057997956...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4900826527
  • https://sync.1rx.io/usersync/tradedesk/9e4e4e56-cdb2-438a-ae55-90584569c230
  • https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%2...
0
0
cksync.php
contextual.media.net/ Frame 5C08
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Ddxu%26refUrl%3D%26vid%3D27981958673057997956835...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Ddxu%26refUrl%3D%26vid%3D27981958673057997...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=dxu&refUrl=&vid=27981958673057997956835795000V10&ovsid=ESExH1nC1OwVLK5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=dxu&refUrl=&vid=27981958673057997956835795000V10&ovsid=ESExH1nC1OwVLK5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 10 Sep 2022 08:23:16 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 10 Sep 2022 08:23:16 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:16 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-061340171d1604405@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3057997956835795000V10&type=dxu&refUrl=&vid=27981958673057997956835795000V10&ovsid=ESExH1nC1OwVLK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5C08 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
118352
content-type
image/gif
expires
Sat, 10 Sep 2022 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 5C08
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc9f9f6b0-0ffe-407d-8133-0592fe6e4f...
0
0
23178
stags.bluekai.com/site/ Frame 5C08
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dzem%26refUrl%3D%26vid%3D27981958673057997956835795...
  • https://stags.bluekai.com/site/23178?id=9cETBB6pVwWgohKpgykq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ Frame 5C08 		0
0
um
cs.emxdgt.com/ Frame 5C08 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Demx%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.149.157 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
xuid
eb2.3lift.com/ Frame B95F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=9e4e4e56-cdb2-438a-ae55-90584569c230&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=9e4e4e56-cdb2-438a-ae55-90584569c230&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=9e4e4e56-cdb2-438a-ae55-90584569c230&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame B95F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B95F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHE8Ty96hyQxo-gin92s1l0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHE8Ty96hyQxo-gin92s1l0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHE8Ty96hyQxo-gin92s1l0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B95F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MTc2NjYwMjI3Mzc1OTkyMTAzNg%3D%3D
date
Sat, 10 Sep 2022 08:23:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame B95F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1461766602273759921036&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1461766602273759921036&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1&_expected_cookie=3ed3a14...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1&_expected_cookie=3ed3a142758b9ca8c8e7d8988cc31b65
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 10 Sep 2022 08:23:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7486c2bc1bcca832-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3f10933a-69ff-4664-b5a7-3bb89c230e6e&_noobservation=1&_expected_cookie=3ed3a142758b9ca8c8e7d8988cc31b65
date
Sat, 10 Sep 2022 08:23:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7486c2bac9aca832-SYD
content-length
0
sync
x.bidswitch.net/ Frame B95F 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1461766602273759921036&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame B95F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1461766602273759921036?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-na5u52BE2oQdoBguDu2iPzKCfzZeux3mK8hqGtOgCg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-na5u52BE2oQdoBguDu2iPzKCfzZeux3mK8hqGtOgCg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 10 Sep 2022 08:23:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-na5u52BE2oQdoBguDu2iPzKCfzZeux3mK8hqGtOgCg--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame B95F
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1461766602273759921036
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1461766602273759921036&dcc=t
0
0
c.gif
c.bing.com/ Frame B95F 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1461766602273759921036&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:15 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAA85B9592874262A138265433897D04 Ref B: SYD03EDGE1409 Ref C: 2022-09-10T08:23:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
23178
stags.bluekai.com/site/ Frame B95F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=vUv5jUkfRiNXqvOnHfS4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
0
0
log
hblg.media.net/ Frame C174 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YxxJcAAOWNEF6YftqwGKGQ&s_city=taipei&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=4.0885925E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=d5d0fd30&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=10.0&adj0=0.0&tmax=300&s_ip=173.194.171.8&adj2=0.0&adj1=0.0&feedback_id=YxxJcAAOWNEF6YftqwGKGQ&adtypes=0&mx_aabpc=0&reqid=YxxJcAAOWNEF6YftqwGKGQ&sc=AU-NSW&sd=1&mowxReqId=497c40dca8f14bb3bef0dce419605f73_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1662798192985&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-131738877-37-23&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=497c40dca8f14bb3bef0dce419605f73&actltime=17&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.011&sckfl=1&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESEFYwOrJf0T494foK9Y7-TPQ&chnl=HARMONY&pst=0&reqsize=336x280&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662798793239&lmt_status=N&reftype=0&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.011&pvdTmax=254&ltime=16.0&epc=131738877&ctr_vendor=EXCHANGE&prvReqId=39933960903501_113547844_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=21&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-556596975b-7vpdf&currsrc_date=2022-09-09+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-10+08%3A23%3A12&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_Pm9mONS3H6IQPRc54rB87yfWC6OD_ezmA24pVDQIMi1TVOjI2VUXs7957eB5TPDMpqA&dmm_ogerpm=false&csip=rtb-common-istio-59f7fddfbb-x2mjx.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D242~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022091002~iurl_b%3D71022.73~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.1~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D160%2C161~et%3D7~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022091002~vis_b%3D129.22~url_b%3D0.01~url_tvi%3D661~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3D15fBzDQfZClB5ZLgu~btd%3D242849361287764584894219095899970689414839809132097575660418305953794499168896880644~d2p_l%3D70~3pcf%3D2.89~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.84~vurl_b%3D0.12~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.7~vurl_l%3D30~CI%3D2733~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D8.55~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.85~ivurl_l%3D30~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEFYwOrJf0T494foK9Y7-TPQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0885925E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1889&sf=0&cpr=0.7112738056829837&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798192126&bpp=11&bdt=234&idt=319&shv=r20220907&mjsv=m202209060101&ptt=5&saldr=sa&correlator=1094902774847&frm=8&ife=1&pv=2&ga_vid=245469315.1662798192&ga_sid=1662798192&ga_hid=1104964764&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31069437%2C44772916%2C44769661&oid=2&pvsid=2709184894833235&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.p4r2luhaezh3&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 10 Sep 2022 08:23:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGCLobzLOLSPjnRkCFATdHZG4W8c1maokMe7knZ_BrGtVmTpSMCz6HK1DTtyMn5g-4fr1lk1dpjwl4pEtDZ6WxQEyINdcGDUmk2wbIbr8QfZ1HqpQqPZovtQ&sai=AMfl-YSq4QV2_49wB5YG-ej_oa3RfxP_YAnC9bH9x4HT4xGSt5trA7XRxlqEteA-hrR-lwqL-n4hqo96NYJVcBpUzAoBTuAY25MiY1Apxg7Pvo_k9c-AdNhkr53FWh3i&sig=Cg0ArKJSzDzIUvbcZJjAEAE&cid=CAASJeRorQtp0SavqwEd3dNv5srfJDv8ddVEbRW-uXXqi7u2AhdpgEU&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662798193117&rpt=1998&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3E4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
1037c4326645dd21466b7fc39e72458ae4e314e06489e4c585f7e33803cc5dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11151
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B85B 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
5c860690473c3d0b95401f667e29bba1eab450d9061bfe14017c990d68c1d856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11111
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C5A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=1759535697485998&bg=!bG-lbyvNAAZTikH4c4o7ACkAdvg8Wk_jxlQiy0CxXCFcDit2mEPgVHUW6cb75Z3Jr6vAZh_5OX52xgIAAACxUgAAAAJoAQeZAtzts8JMG1AMas93VPG3ByRLDOjM92-AnwIsdnodq3ZDstDQy47nvtfOlRTfZjOpZ6b1W6kRbN24NAP9kwOrnpy5JsgCz6ISjPUpm5AaSzKkDF6yRAPv4yi4uagABWpumK5fGoAhKzn90T39m3IRVSplP-FN1cN1oWIR5AghDXSfZleQc4ktufzFNIhfpPjYY_ZyXv-ii8aGKdKkeBkvevo-wnc-vhuVqSvdT_wSDaD6W72IMPcFkryCPKv7XhPxxpczvus0Vm4Zn7QXidr9SMyUne8w3sR1OJSFl9xrP0bSxlvH7B25i4FPwDyUK8AXD3TYVEHcpA8Slca0SJM6CVNoE2OqUguHGUt-EHtd_GUV7FQ4RjX-2px3VlvSoXiOXxx954iq73QJwfT767wtSSAE3o2k00O5bBdJx7ZWb2n6hc5swboDvxSzvo0ZgOzN5agyuBk3H_eg-HnSOu7AT-ITx3P3_8j7L4GiHoRpAsupSjGkwmwe_deLwNgo6gfu5-Hw-_SY2jrEqrdFAfld-JoCZs9mlTs6OFM0YTOA4OmQRxuAuGgFlqNLzZjR-bHhjz9cs9tZSRSmQuhpN87lhXeTOtQ_HanaU4bn4nTu3GnkFzP8d6p1c7kUZ9h9lweU-nVO3-LccDvGhsEgB1arxVKRsKLNwOJlucPYMO5Ly8m1hbkoZ58a1pApzgD-Pa8400wGq81Fp9pIvi3AHGZ7vISw3bPV6A8zDf81OJWr5tdDCkhdCh5O2tlteqsg2QmijnYu-ijHaCrvCaszM8PH3o-KIEMK_86pifgSz0yW_GZXmFb57OoHO9denmCd1cJ-0v1FHFoOm6NwYLoL3iW3XEja6L1HLt1KEq6dwzq4GZp4o3CwBGPvuleWzfSWX5mouyPFcBjL-L_YzKwP1KIvYhQQ9cXufYMqqkOPKLv_jkvKNUsJjhDkHLpd3ga3J93PvxXlS8YVtYFW2ZimWP4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 5204 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29002
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sat, 10 Sep 2022 16:26:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 11B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=2407276506492534&bg=!OTqlOn7NAAZTikH4c4o7ACkAdvg8Wss6Gjv596Eh9WKfLtyRx-Hs-F5fugDG5BBXZoFG22xVD-ytwQIAAADLUgAAAAJoAQeZArFeLMD5i5jHX937Tq-AIx1upYGVhfd_8_EE9XghpSC8eNmoWA2owXSnzi1UwNSyfH1LEdOMnRon8OYz-ZbRtjFSAdefmgyEHY26ztKeFWsbN47lk4KshE8fbjVHXO4dvJonqIQr5dwljQ5TI0JNdEw9lmaKYxvBlo6Hp9vjRC90WHQcRU8oEKMbOVo35lV4vbhXmY-gttUV-FfF1MNTcxLYYwKhTGQwKiWWF32fQHe3ipJGGud3DxZdiYJo1mGMN1Bk6fAFsEnXpkxce0dXrSruYSwWjbicsf08tu0-jIs5GOlReYnbcvsOQ2DNsZAvwsrgQLfARDvxwJPbKPojIcF1LN33W-EjlUones5kFpKrsDKJJAg9vnc-_ZzNVU5eB8i8mOQs9wtUbtVkWk0F9w1pUb4Vwp0m3eiqfr-E6NIoem0q8scQXIadTOKm5yJ3u6AhqrI7cwywRjM1oAXFUoNQkUwQicf251XzYPsBTBhvh-HfWjFrotXHJ6H5_37I81LKo5iepoaGbx_zRbF0B1kfyRgDcyo2C41VbsogMQ8cpPAKLsFn9ZvmHXPrlQ1hYCsRQk0muuGwJL3LwbqCUex0F20FlGEAihLCOsdXPU8I27iTWDh9cQ6gx1ohVNt_4UJt9yPyMKJYM7TSxS1EbAdm3nteZYuDibbyylH6mAAj4Xi6PyVx5XWsAhqM-iuKINvJyUHPrn4Y3k1KzaoOPr_Zsf0F5f3_SUMHZeAnVXhj9lwhxSTXerwZLlGoLpYGAYtzQwBNIsJbMzPr8FORgQ8_SKa3nZNfvZNvTjJ5RBsdVjVY9kat5rdloE8OQo-BU3JbOAvCTTTuLtwsklPSBEO-wKBWvLpKR4bJVgEPC8LEqJQjTtr3XBe77D-PxvFNH7LRxR4lEjgkUHW1mUJwH9AIrg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 14F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=2270844468798228&bg=!RUalRgLNAAZTikH4c4o7ACkAdvg8Wm4UAMy0DN8agmO-cCwa0rkCfz-KTxoeEePn6T4kzQdQYPQM4gIAAAC5UgAAAAJoAQcKAHnnNQTquQSHtKRciI9zL3vCsk3tIKMc9ZjDxlSJGhpCfUMTNaBY45K0BL7yBVXUXxUy2AOhrePyZojyeywnO_J3jnFzZ6CqGdEjLttrk7Z9qoCBVWd318GN5U-ba3pyb0ymwIsFFSY8kS2dtzj15o94dShb4i_xRN1NmQLCN0DrN2k7XUecAJLk7HYK2cbH6oozdHeKAeOfL7LzSAPgDI5h8cPeOJcah0yartyDqz_79Xlt9DTIEgahf0Uiad0lCAPxDy-z971Z9Nw5-ipe3N-B8bEDvHf1Lq6jTpupBQLPVu1iMtld8UuCzZbWpD1jPX1_EC1Hs2Ptg2lS6eJfCNM3Odpi52D5JZtu11R1C38Ddzbn0B5TV5w1EF_C0j4bh0MHOC-xQxjqMGc3cYYoXLuHOkg5hopfZVjs6uFW-vDmLG4bmIaCU-21apG8dmAshYxl5CkY6kSphjQe8kx3L3kwWeZPYBLlqboSo3CDp4cELCtDQbK61_k4AZyNV8AWCSU8_J1gxNslu7eWcqd1r0-4s_a7jI9p5KtWhpX8bjzrB-z31N9hW-82U6r0S3OCPLNkfTPb3gNfizAekTZXlX6XdAVULwnvMNf7wHtAFn_wwPnMiHl9s33-KHffxobafTq6M4hzdBeEvJB2pRllF48T00OULuXfJv4d6oZmwhsZG7ZJwOfTGewgzBbEJSGzmHzCILpWpWLcq-EaNYePw6eaZ4z08orPPy2sjGuLmAMou35z_Ikbi0fMrGJF8U9WGc5r8WiT-ewjZ6Kh9pk83AZZsY-B9L8aKauRfPXblpNMEL-5RMx-abUKOk17QZPWqdQwMbpaETWwWOFqAZ7Me8OTCbYZXUT8M68y5jhedJlOI6HWUst3BTrTMkLIqhe3jlgyCKrF0pQZ_HqdsKTJAa2Yi_ispMQdtG_p3d59-1l_n70dBPWBU3U6K4F-yFt8eKAJRAhb5iv1hTh_pi35Ug5iWnzVUeV3AwrMUHH3xW7DnTxQGL0OAwSfEE2IN4sp9zuDAav6RtADQslOQCYg9O7NO3UTxF2x9pAqTLqAmb-cjSRbVq0efvtIv9RcPAzy-N8WwV8bd_S8_mlTTHaugg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame FAAE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJ8k-vGVBcI8wahqIGhwhvMh9RQ1689LRc0uj-ftla4uasjAx9u8X0Xxaqlv_7R1m4XiqdGXBVH7PuEyJjOW4bgoV73bheB9p93phZTDOxtFKpOfv25KrxEQ&sai=AMfl-YQUjVYhJ9SQgMEGe9d6AuS_z7QWV0ajNChAOdKJfDk1XLTt6Sd77J3z8ZM3MzGK4_5mx5NmbX6vJi3YMb13StHBoEADi6BkULyg_rsZl8GiLgdoJgys5qiGcbHq&sig=Cg0ArKJSzGlLiqx1wdOoEAE&cid=CAASJeRomO8ARMmjsTJrHBJC2w45S5XjUvsgrtacucEWyJcgSWgv3O0&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662798193107&rpt=2208&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js?bust=31069437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B85B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 08:23:16 GMT
token
token.rubiconproject.com/ Frame 5204 		0
0
token
token.rubiconproject.com/ Frame 5204 		0
0
token
token.rubiconproject.com/ Frame 5204 		0
0
token
token.rubiconproject.com/ Frame 5204 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5204 		0
0
token
token.rubiconproject.com/ Frame 5204 		0
0
tap.php
pixel.rubiconproject.com/ Frame 5204
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMC-eEttGkycP1Yg3tc2B0c&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMC-eEttGkycP1Yg3tc2B0c&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 08:23:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMC-eEttGkycP1Yg3tc2B0c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esync
token.rubiconproject.com/ Frame 5204
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
0
bqi.php
lg3.media.net/ Frame C174 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2899&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8POHZR87R&katbid=-103&katen=1&cme=KNo4cmrMJHTf256YdBNh9sPpY4JSchcxjVDFOp8_tmfXh86p0x_CXjS1Rtt-WlAHFVvNiBmypCfeNl2yCJLhDCnavW4UtqR7cdehCkRYszWnTCRae5ySKWKzs9caWdspIXMgp2nBCpz6pqqzgubApdaHQ5RtetpdwAHWqkZP_emI8f-TFmkXvSkcmg-OjDR6ojMTIMyTyQPBH-fkyGwmrQ==||5km1I4o2OiZf0XNu18J7tIJCMFEp-lDsTewV5cLrdNtSVODq0KjC_NxEFNhpJHlhanggg99_tFLBo6o1EBZBhK7b4d5jipP9sioN-eqrSC2RlQmDubQJKpCK_BCqtu3M54jmoHSxo68ZQv-F4Nm5f4gOBDIM7ZyKnqz_cxFeElUQoql_IsACclRTjBGpi7zZ7DC5ghppjvvCYLmdPyXeEs-pxh_URCYGG4mpWedKX5dA5EmnRec0XA==|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo=|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&requrl=https%3A%2F%2Fwww.bg3.co&vi=1662798194405287317&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=186&startTime=1662798194859&l2type=sca&vgd_l1rakh=1662798194180111380&l1ch=1&sttm=1662798194867&upk=1662798195.24736&hvsid=00001662798194867029185683573693&acid=497c40dca8f14bb3bef0dce419605f73&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D242~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022091002~iurl_b%3D71022.73~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.1~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D160%2C161~et%3D7~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022091002~vis_b%3D129.22~url_b%3D0.01~url_tvi%3D661~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D97335391a67a729904180958400b477a~sd%3D1~uid%3D15fBzDQfZClB5ZLgu~btd%3D242849361287764584894219095899970689414839809132097575660418305953794499168896880644~d2p_l%3D70~3pcf%3D2.89~uim%3D0~og_msh%3D0.01~dmm_strg%3Dharmony~d2p_b%3D0.89~ogd2p_b%3D0.84~vurl_b%3D0.12~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D22.7~vurl_l%3D30~CI%3D2733~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D8.55~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.85~ivurl_l%3D30~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.011%7Edmm%3Dharmony%7Esuid%3DCAESEFYwOrJf0T494foK9Y7-TPQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D4.0885925E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=NSW&infr=1&twna=1&stime=1662798193283&vgd_ecrid=1700080807683300336028000000500&l1hcsd=l1!Sdgs7|5993&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0159616195t202209100823&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Sat, 10 Sep 2022 08:23:16 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=16057
content-length
15
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DEF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 52EB 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
0bca8517aa151603ee4d67c771c893959de2b5f1e89ba2596ab39e81f0c81816
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SFaU9i_2N4DPuR5O6anj7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-SFaU9i_2N4DPuR5O6anj7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:16 GMT
expires
Sat, 10 Sep 2022 08:23:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 06:21:49 GMT
expires
Sun, 10 Sep 2023 06:21:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5E0F 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
5ff3b3d1ad750611b9db677d0796f42a50f06982315e23ff264a2aa7d74e0bf9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-msOwR-aFMNj8BAiupGQtzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-msOwR-aFMNj8BAiupGQtzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 08:23:16 GMT
expires
Sat, 10 Sep 2022 08:23:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame E25E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8407fe752e34b4bb4a770b71757bcfff7c3209e500b1f2c366a4daa2d7f5f4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7486c2bacd8f554b-SYD
content-encoding
br
content-type
text/html
date
Sat, 10 Sep 2022 08:23:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKbwTmwiCQ18yZ%2F2oG704gso8DTY%2BStaCJLnEv%2FcYpjvxGg0h6QJDWHbv3cUnmLw792bY%2BAnUiAH01OXzrc4AiMRMJXaddYaqwq8OfHNF3CpcDP7flUlceLNGD6ybH6hL1JmILEA%2FkL5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D0C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25583
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 08:23:16 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 10 Sep 2022 15:29:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame F3FF 		0
0
/
onetag-sys.com/usync/ Frame 9990 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 698D 		597 B
699 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
0eaf9eeca0f6319ae8d567ef93ab4ea0df35b723b185f4a7ff7dcb79d53260b2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
597
content-type
text/html
date
Sat, 10 Sep 2022 08:23:15 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 89ED 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b53641b1194aa117c5a3881c3331863830e477c64bb14fc4d1fa91c19ba7276

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7486c2bacd90554b-SYD
content-encoding
br
content-type
text/html
date
Sat, 10 Sep 2022 08:23:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXrHfVyyHDXXpKt4FeUOACPzqSvucZarwBqOzmVgbr1070o2V9LftSO4LfpfUfWwyhU6Zd%2FwGLXavwHrskCxIj%2Bs1s%2BTSKh5dcWo4GUEU9vu%2FZGIuaUOzxMgsVNf%2ByDpoxGwZ31a0CFJXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 21DD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 08:23:17 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 10 Sep 2022 08:23:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame D2CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame D2CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8576658518161717200
0
0
merge
ce.lijit.com/ Frame D2CC 		0
0
pixel
ap.lijit.com/ Frame D2CC 		0
0
getuid
x.yieldlift.com/ Frame D2CC 		0
0
RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
sync.targeting.unrulymedia.com/csync/ Frame D2CC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4313540450
  • https://sync.1rx.io/usersync/tradedesk/9e4e4e56-cdb2-438a-ae55-90584569c230
  • https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
0
0
sync
ads.servenobid.com/ Frame D2CC
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737148350183
0
0
usa
sync.go.sonobi.com/ Frame D2CC 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D2CC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
0
sync
ads.servenobid.com/ Frame D2CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
date
Sat, 10 Sep 2022 08:23:16 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame D2CC 		0
0
sync
ads.servenobid.com/ Frame D2CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-iLV8alRE2uF3vvqCbv6HztQALkSxLibF1WTmNIc-~A
date
Sat, 10 Sep 2022 08:23:16 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame FE29 		0
0
async_usersync
ib.adnxs.com/ Frame 7CA5 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 08:23:16 GMT
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4eb675df-1342-4007-a0ec-2463caef3d94
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 52EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=2709184894833235&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 5DEF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
sync
ads.servenobid.com/ Frame 698D 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3136896332126181238&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 08:23:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 698D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=0QxhzdMGZ57KD2LIhlt9n4QGaMjKWjbKgVmiIVqw
0
0
/
csync.loopme.me/ Frame 698D 		0
0
1.gif
id5-sync.com/c/102/0/9/ Frame 698D
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 698D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9e4e4e56-cdb2-438a-ae55-90584569c230&gdpr=0&gdpr_consent=
0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=4230146200296490&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame F2A1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 00:27:57 GMT
usync.js
eus.rubiconproject.com/ Frame 018B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 08:23:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29001
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sat, 10 Sep 2022 16:26:38 GMT
pixel
cm.g.doubleclick.net/ Frame 89ED 		0
0
dcm
s.amazon-adsystem.com/ Frame 89ED 		0
0
rum
dsum-sec.casalemedia.com/ Frame 89ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9e4e4e56-cdb2-438a-ae55-90584569c230&expiration=1665390197&gdpr=0&gdpr_consent=
0
0
YxxJcleRX__WhDr2FRISFgAAFMMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 89ED 		0
0
pm_match
um.simpli.fi/ Frame 89ED 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame 89ED 		0
0
img
sync.mathtag.com/sync/ Frame 89ED 		0
0
/
csync.loopme.me/ Frame 89ED 		0
0
sync
ads.servenobid.com/ Frame 89ED 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C174 		0
0
generate_204
tpc.googlesyndication.com/ Frame 5DEF 		0
0
getuid
secure.adnxs.com/ Frame E25E 		0
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame E25E 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame E25E 		0
0
cs
ad.turn.com/r/ Frame E25E 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame E25E 		0
0
/
b1sync.zemanta.com/usersync/index/ Frame E25E 		0
0
pixel
cm.g.doubleclick.net/ Frame E25E 		0
0
casale
match.adsrvr.org/track/cmf/ Frame E25E 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame E25E 		0
0
generate_204
tpc.googlesyndication.com/ Frame F2A1 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 018B 		0
0
usync.js
eus.rubiconproject.com/ Frame 21DD 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
pix.impdesk.com
URL
https://pix.impdesk.com/csync/google?google_gid=CAESEMETWLeE20p6rK103u7DeNo&google_cver=1&google_push=AehlK4B66kpw_FkrPKZ1fjbQcGhnQutrGPngMWZUPSHx3HAWdYWUSFseLTHA4v66vdSOyxudoC4MCo3uo4qJZNmJxwvau2YEInHvdu2v_RbIa5qsHESD0_m6WRQwAByVeEHPnGJInnVgrvM
Domain
ad.audience73.com
URL
https://ad.audience73.com/adx_sync?google_gid=CAESEEg9uW7nCCkacdCOXI9WBWQ&google_cver=1&google_push=AehlK4CdqVFnIQ1nTV4qOmARZnd2etuN9rRfCst_MRZ84iKO-gDOa34DoM7eNifPw-TjuXnkjjw-osBPYFiM_EtzIB-uYWDR42d9FLiPc8gmM17mh3-gcgE3zjk80PKIPIa3lk8ZmYdusgg
Domain
id5-sync.com
URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Domain
a.rfihub.com
URL
https://a.rfihub.com/cm?pub=445&google_error=5
Domain
ad.audience73.com
URL
https://ad.audience73.com/adx_sync?google_gid=CAESEEg9uW7nCCkacdCOXI9WBWQ&google_cver=1&google_push=AehlK4BRuKQFUcSkONncv-Tkgl5ngMP6JzGjMIVm-JKx7Up1o-IsQ6hpmrxVaROqw3g6moucrOvPF-xKx4pPyoCTDtDKXcFiJBY
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525404912588158618&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F317%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD00YjJkYzg3ZS01YWJkLTRiYmEtOTg0Ni0zZmZlZGM3ODhjYmY%253D%26uid%3D%24UID
Domain
jp-u.openx.net
URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZVSBkrv_ON0ks8ADsaW65qk8M8AAAGDJn7x6Q
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3057997956835795000V10%26type%3Dr1%26refUrl%3D%26vid%3D27981958673057997956835795000V10%26ovsid%3DRX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc9f9f6b0-0ffe-407d-8133-0592fe6e4f3e&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=9cETBB6pVwWgohKpgykq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZMNCVIQSCGZYFM52XM5XWQS3QM54WW4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDOOJYGE4TKOBWG4ZTANJXHE4TOOJVGY4DGNJXHE2TAMBQKYYTAJTWONUWIPJTGA2TOOJZG44TKNRYGM2TOOJVGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3057997956835795000V10
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1461766602273759921036&dcc=t
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=vUv5jUkfRiNXqvOnHfS4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OZKXMNLKKVVWMUTJJZMHC5SPNZEGMUZU&gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=26594
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7VN3ZUG-R-94Q5&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=312&uid=8576658518161717200
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-c91c9ec1-1f70-4729-86b8-0e73aebdef5b-004
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=324&uid=1992631737148350183
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F564%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D4b2dc87e-5abd-4bba-9846-3ffedc788cbf%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98329518&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=0QxhzdMGZ57KD2LIhlt9n4QGaMjKWjbKgVmiIVqw
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=9e4e4e56-cdb2-438a-ae55-90584569c230&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxxJcleRX__WhDr2FRISFgAAFMMAAAAB&gdpr_consent=&us_privacy=&gdpr=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxxJcleRX__WhDr2FRISFgAAFMMAAAAB
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9e4e4e56-cdb2-438a-ae55-90584569c230&expiration=1665390197&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/casale/YxxJcleRX__WhDr2FRISFgAAFMMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=YxxJcleRX__WhDr2FRISFgAAFMMAAAAB
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2RC4xkWQW1hXLuq44CITOo3BgQI-ErRqd-WzcIjqrp6LfpmrK3kKtdlFJ-YNvvEuQ-_NpuPHv_dV_D2JpvLg8DFbK&sig=Cg0ArKJSzMBEuleloO9YEAE&cid=CAASFeRoYHWng-dwnHVFq58e5226w-AmMg&id=lidar2&mcvt=1008&p=0,0,284,336&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662798192462&rpt=3736&met=mue&wmsd=0
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?885quA
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxxJcleRX__WhDr2FRISFgAAFMMAAAAB&gdpr_consent=&us_privacy=&gdpr=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxxJcleRX__WhDr2FRISFgAAFMMAAAAB&gdpr_consent=&us_privacy=&gdpr=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale
Domain
cdn.indexww.com
URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxxJcleRX--WhDr2FRISFgAA%265315
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?O-79vA
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7VN3ZUG-R-94Q5
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString number| ampAdSlotIdCounter object| adRecover object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| ggeac object| google_tag_data object| google_js_reporting_queue object| listeningFors number| 3pla object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

67 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQwtj7s7IwCgoIgQIQwtj7s7IwCgoI4gEQwtj7s7IwCgoI5gEQwtj7s7IwCgoIhwIQwtj7s7IwCgkICRDC2PuzsjAKCQg6EMLY-7OyMAoJCAsQwtj7s7IwCgoIjAIQwtj7s7IwCgkIXxDC2PuzsjA=
.aralego.com/ Name: sspid
Value: 6804c3bd-4245-33c2-b503-9ba2a85305e3
www.bg3.co/ Name: __AP_SESSION__
Value: 08590ca9-e29f-4e08-b709-f8a920fb78a4
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: ce0ee190-30e1-11ed-a2eb-000d3aa37209
.adpushup.com/ Name: ap_usid
Value: ce0ee191-30e1-11ed-a2eb-000d3aa37209
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: ab91f60c-3741-44c6-a0a2-58038acc8062
.bg3.co/ Name: __gpi
Value: UID=000009aa1788d601:T=1662798190:RT=1662798190:S=ALNI_MY7oNokjF5Zu3U1zrRu2TxNl8U5gQ
.openx.net/ Name: i
Value: ab91f60c-3741-44c6-a0a2-58038acc8062|1662798191
.rubiconproject.com/ Name: khaos
Value: L7VN3ZUG-R-94Q5
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKMGmnET1izRrUyebV3a1stliAj8y424YSCwjKOsr0sky5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.doubleclick.net/ Name: IDE
Value: AHWqTUnr-flnQppg-Ko4BnHnj-Hx3541D5tepElNbC6BVqtGly7G_W2Z_FZQiD6gC70
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw75LxmAY4AUABSAEQ75LxmAYYAA..
.adnxs.com/ Name: uuid2
Value: 8576658518161717200
.prebid.a-mo.net/ Name: __amc
Value: 1_1662798191_1662798191
.a-mo.net/ Name: amuid2
Value: 4b2dc87e-5abd-4bba-9846-3ffedc788cbf
.prebid.a-mo.net/ Name: sd_amuid2
Value: 4b2dc87e-5abd-4bba-9846-3ffedc788cbf
www.bg3.co/ Name: qcSxc
Value: 1662798191909
.quantserve.com/ Name: mc
Value: 631c4970-02fad-1c98f-efdff
.bg3.co/ Name: __qca
Value: P0-1956325324-1662798191906
.teads.tv/ Name: tt_viewer
Value: bae479d0-8961-4e49-abb7-152cd959d0f4
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1662798193.1.0.1662798193.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.603661722.1662798192
.bg3.co/ Name: __gads
Value: ID=e2bd7ee8e1ebbef5:T=1662798190:S=ALNI_MZtYeVfw9cVE9fETYo42Jk4meQ1gQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilaq*f8$!]tbPl1M>e)ZlrFUfJ+tGXxpWQ0L!`<vl6DX7+HF[iD6a_?7s@_K@E3.*vkP3If)y3KL9D3I?+WSZ`[o
.casalemedia.com/ Name: CMPS
Value: 4752
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ctnsnet.com/ Name: cid_d0bb4d95e2e84ae58e1ee471d084c156
Value: 1
.ctnsnet.com/ Name: gid_CAESEP9Ad2gsO9v3ADF6KyHADIo
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBHJJHGMCEHZlmVdrrl5h2B_ZH8JG3F8FEgEBAQGaHWMmYwAAAAAA_eMAAA&S=AQAAAi1cM6P8BvewSvbwiRMeDDY
.casalemedia.com/ Name: CMID
Value: YxxJcleRX--WhDr2FRISFgAA
.casalemedia.com/ Name: CMPRO
Value: 5315
.socdm.com/ Name: SOC
Value: YxxJc8Co5sIAAHzKLNcAAAAA
.simpli.fi/ Name: suid
Value: A7FECE5223934D0E9780D1E84F40E738
.send.microad.jp/ Name: TR
Value: 1149eacae4346f18e8b23814c66f1b147ef0cf1576e17c3e
.adkernel.com/ Name: ADK_EX_11
Value: 1
.media.net/ Name: visitor-id
Value: 3057997956835795000V10
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22939bce09-e1b1-4bec-af37-5a8d2f0c4997%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-10T08%3A23%3A16%22%7D
.uncn.jp/ Name: t
Value: v_c9a06f58-7c9f-4889-85d8-89031e2c5691
.adsrvr.org/ Name: TDID
Value: 9e4e4e56-cdb2-438a-ae55-90584569c230
.openx.net/ Name: pd
Value: v2|1662798195|jElYiuvOiahI
.media.net/ Name: data-g
Value: CAESEEwdar_oTK9jRxi2537-j5s~~6
.smartadserver.com/ Name: pid
Value: 3136896332126181238
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.3lift.com/ Name: tluid
Value: 1461766602273759921036
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKq7kuT3w4k7EAUYASABKAIyCwiqs5WRjsSJOxAFOAFaB3N2eDl0NTBgAg..
.media.net/ Name: data-ttd
Value: 9e4e4e56-cdb2-438a-ae55-90584569c230~~1
.adkernel.com/ Name: ADKUID
Value: A8502867332550102472
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: 196y~272w
.openx.net/ Name: univ_id
Value: 537072971|9e4e4e56-cdb2-438a-ae55-90584569c230|1662798196012078
.ad-m.asia/ Name: uid
Value: 8stHViMtaL
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2Mjc5ODE5Nn0
.casalemedia.com/ Name: CMTS
Value: 4737
.dotomi.com/ Name: DotomiTest
Value: 14bf5e0e91c8200e
.bidswitch.net/ Name: tuuid
Value: 09a44ca7-f1fb-44bf-bb48-0934f7c5e1fc
.bidswitch.net/ Name: c
Value: 1662798196
.bidswitch.net/ Name: tuuid_lu
Value: 1662798196
.e-volution.ai/ Name: ADKUID
Value: A8502867332550102472
.bing.com/ Name: MUID
Value: 3EEC3E4B54F467AE093D2C5055C666D7
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 3f10933a-69ff-4664-b5a7-3bb89c230e6e
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a5771905-5ab0-4abe-89a0-983f6b28dc06"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2757:u=1:x=1:i=1662798196:t=1662884596:v=2:sig=AQHKQ4y3Ag5JhZCk_sphCK77NXFIhSUe"

9 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-mei-yin-le-jie-ling-hun-de-yin-hen-gan-shou-lang-man-le-pai-de-feng-pei-qing-gan.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvcWktbWVpLXlpbi1sZS1qaWUtbGluZy1odW4tZGUteWluLWhlbi1nYW4tc2hvdS1sYW5nLW1hbi1sZS1wYWktZGUtZmVuZy1wZWktcWluZy1nYW4uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.audience73.com/adx_sync?google_gid=CAESEEg9uW7nCCkacdCOXI9WBWQ&google_cver=1&google_push=AehlK4CdqVFnIQ1nTV4qOmARZnd2etuN9rRfCst_MRZ84iKO-gDOa34DoM7eNifPw-TjuXnkjjw-osBPYFiM_EtzIB-uYWDR42d9FLiPc8gmM17mh3-gcgE3zjk80PKIPIa3lk8ZmYdusgg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194081&bpp=3&bdt=418&idt=301&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&nras=1&correlator=1336011910620&frm=8&ife=1&pv=2&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.nj8ribgm1a6b&fsb=1&dtd=319
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662798194085&bpp=1&bdt=421&idt=324&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1336011910620&frm=8&ife=1&pv=1&ga_vid=623293740.1662798194&ga_sid=1662798194&ga_hid=1300708309&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069448&oid=2&pvsid=1759535697485998&tmod=1688359005&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.o6by91gtoczp&fsb=1&dtd=329
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pix.impdesk.com/csync/google?google_gid=CAESEMETWLeE20p6rK103u7DeNo&google_cver=1&google_push=AehlK4B66kpw_FkrPKZ1fjbQcGhnQutrGPngMWZUPSHx3HAWdYWUSFseLTHA4v66vdSOyxudoC4MCo3uo4qJZNmJxwvau2YEInHvdu2v_RbIa5qsHESD0_m6WRQwAByVeEHPnGJInnVgrvM
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://ad.audience73.com/adx_sync?google_gid=CAESEEg9uW7nCCkacdCOXI9WBWQ&google_cver=1&google_push=AehlK4BRuKQFUcSkONncv-Tkgl5ngMP6JzGjMIVm-JKx7Up1o-IsQ6hpmrxVaROqw3g6moucrOvPF-xKx4pPyoCTDtDKXcFiJBY
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2885cbeb76d22c3488fb9b4680f20941.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
a011a39eb7575a461d98b9823b03d532.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.audience73.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
aid.send.microad.jp
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-643269229691911375.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fa1d6bc797a36a4e9c0566e7463c46a1.safeframe.googlesyndication.com
fastlane.rubiconproject.com
g2.gumgum.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.impdesk.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
a.rfihub.com
aax-eu.amazon-adsystem.com
ad.audience73.com
ad.turn.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
cdn.indexww.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
csync.loopme.me
dsum-sec.casalemedia.com
eus.rubiconproject.com
g2.gumgum.com
hb-api.omnitagjs.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pix.impdesk.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure.adnxs.com
ssp.disqus.com
stags.bluekai.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
x.yieldlift.com
103.229.10.247
104.16.88.20
104.18.100.194
104.18.18.126
104.18.19.126
104.211.156.162
104.254.151.120
104.26.3.91
104.26.5.103
104.83.196.24
104.83.197.63
107.23.149.157
124.146.215.4
13.107.42.14
13.115.99.16
13.227.254.109
13.227.254.11
13.76.45.37
142.251.10.154
142.251.10.97
142.251.12.101
142.251.12.155
142.251.12.157
145.40.88.5
148.251.44.111
151.101.1.108
169.45.107.147
172.217.194.104
172.217.194.132
172.217.194.156
172.253.118.94
174.137.133.49
18.139.80.135
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
198.8.71.129
202.131.200.84
202.233.84.1
202.241.208.56
204.79.197.200
209.58.171.197
23.106.127.53
23.108.102.145
23.15.148.136
23.36.252.26
23.72.44.196
23.72.44.239
3.33.220.150
34.107.148.139
34.98.64.218
35.186.193.173
35.213.12.39
35.244.159.8
35.71.178.8
42.99.128.161
42.99.140.144
42.99.140.161
50.116.239.135
51.79.234.101
52.192.218.173
52.194.67.219
52.48.53.23
52.74.13.196
52.76.108.50
52.84.251.114
52.84.45.7
54.169.94.38
54.254.175.9
69.16.175.42
69.173.158.64
69.173.158.65
74.125.130.132
74.125.200.155
74.125.24.132
74.125.24.148
74.125.24.155
74.125.24.156
74.125.68.156
84.17.37.44
89.207.22.76
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
018bffd7f81cd614c416e15fc498214f5b3f7525cb2c6935de62cb0990d4ffda
02f2b141a82a6933f6d5313defb25a4b63ec629e6f0b168d56612597e513f839
0442590cffbff81278fa733c7e2924fc2a6c54b60e97883b93efca348cd0b433
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06584301c5b2bd55c199306a76b39a58efaafe348370265942c6ecee5ebe0cc6
071b4bd6731dcdef0932c700227624f44bf95895c613074e3eef95a24bb0a15e
08f09a4d590f897f47dfc1225b7f235abb8ee7d9a2891130ef154c9e023cdae0
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca8517aa151603ee4d67c771c893959de2b5f1e89ba2596ab39e81f0c81816
0ded514870717c9f3f532784ab18c92ef1a9703bae7fd521f91c028d4eb2364a
0eaf9eeca0f6319ae8d567ef93ab4ea0df35b723b185f4a7ff7dcb79d53260b2
0eb3f65506e9dd4ffe7e17304a2f8172dfbfee8e377dac317eee96d4541210ec
1037c4326645dd21466b7fc39e72458ae4e314e06489e4c585f7e33803cc5dea
11bf2892c1e20eca7d4e8145fcbb273d64ca8ef59bfece04a4fa0b6cd59be00b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1436a0a1c6a1129bbe815f0f17e403a1ccdb6017fde89933ae1e676fac48edf8
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1866a766c47824407262904f227838a42dd3e98667b6abf7f73dd5556662fd4e
19f633019dee3ab7f838be4c3a9480c9799ddc02fabe5ddd86a3c57f6dee645d
1a2b1223b0de2adef4069686f9acaf1da6b16d55d37eae00b177a06bebf84f03
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
231fee910520b0c5cde0985cfe2d2e587cf67c42ec85ad06710fc0ade03d9a1a
23fbe90ffdaf3fed12fca252d15e97f25fc250b6ad99f680710e3e227b96086e
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
26463af484843e3259660c1101556a1d547e59993f9df86eb4825fdc22c33d77
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26abfaab1dd7b7815b1f3b6b2a6cad15933a22aa60ebf97efdbd3120614b1e3e
2a40d36b84112f10e6670179fd909ea322eb9c6c8586ef743584a5012724e7c1
2a88de3c2f922c361f8ef2dd11ed86cf766b6c3a18f9a604ba77bb6326d94aac
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a0bb127aad9a7b19061909d898721b6a4c22d4ae922ff303eeb77f1af4e118
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
35015dfe6bb2f2d529b72d4d50091713ff89f4dcf8cac73bfe1bd44f086c4060
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36c5c7cc8ac359b9028446ab4d1b8a7398cf20e14b8ec873d6be0f81b3fac82d
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
388c5feeadc76c0960b6635be32ef74cff2163831cba387670bd40d3595c273a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411d52d20bd61f0a87f51b784e1c7acb62721ef8c2c67e2a2840a63465e055ce
412d618519aa7bd4d923227c23cb39a16453a941d0343956ddbcc2f007589b30
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
486ae9b783fdf48074594dce4b5708846ac766dce55f8bcc7546aa84e4523a4a
4946803c26c32c4e02614e061b6a4b9ba5a1008b9918314d7902527a52897b78
4ab34750986ded99337c04d330ad87e55b9d6597c9f80a2ef44db86089fda607
4b53641b1194aa117c5a3881c3331863830e477c64bb14fc4d1fa91c19ba7276
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d115fdd6bcf7131dd4555e5830422890c4fd24ae9ae1b94f52d8d5158139bf5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d836b66e850274c34e6ad7c79e99b0ae0c5f42ff380b4666c852beb3dd288e
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
546cd5b9641829cffba32680801c7ac253b12ce744ebb40e4e07da815942554c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564092551ff10a5e98e0afc31a9a0018e20a82a960d3dbeac96c10d8512af911
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c860690473c3d0b95401f667e29bba1eab450d9061bfe14017c990d68c1d856
5d139f799fc35853e39cdeb2b6ebb46eaaaebb4f356982e05dcae54363e1c994
5ff3b3d1ad750611b9db677d0796f42a50f06982315e23ff264a2aa7d74e0bf9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
6558cd4781a302e56e5d98e926705759503490a6fb4f584ffa866f301e1016de
6578c92b0695fc583cd02df997b4d6bd9e14e785321952a64743fbfa7eff1b04
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6769d2dadd354b2c66c0951ad3599e7861e23aa16ada5b202a37c7e097e10a18
68ab8e9f6986b266d2e11b9e6e1720f94bde721686a3dfc3d88f04c90793e954
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc8acd05cc0467f44ede1de8275f033c906f08c5fe77f756e74077ee88454c1
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d94d8c9dda948f977ea7a029adfd90310a309ad35c866f4551d2bcdfbfc83c4
6e416f9c5beff9b32c1786ebeb3ac32c7c7037311a49b7a05c32cd6dc1c53208
6f555469d4995d756df1afa3818efd83899052c9ed812daf66ebe3fa97e91ed5
6f5cba9f6d10a0e979fae9d1514906036b4bc071ca3f07b4b9fe4d47dcf3adfe
710de537d79be42c3da28884c1212209d9fa1db3a794c0fa2af3aa88b2936045
7236bda38594c6432df8feca8746c6bbf6d59107637ad0db83d5d9edc1c0f42d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be
7ccb44159d19e7b63b19c59a2019adb3a661b2189b0b4d923df39d2d0b3369c6
7ef32f294a526645c225e15443374d0346ff1d5b32f62cf4e1e6f38f73b4a0d6
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
88b5f7001eebda1f83264bf25784cb637532cc835f328e9465a2113a4744b7a7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b1a19fda49ce5473414582c9bfae638ea11f01ff0bece4d18145af4c7906931
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92aa39d317688eccaab953ef7fd83477e61ad957a222d6454a6fd45419d998dc
95b36712b7bffac10ed074568f56edd9feb10625a19396c38ed047d16ed2c5ed
966f693f1a992ad027a6d62beea20d748e546d6bf7f5f87d3f4dc8763eb0cf73
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
968e3d44d7648e175b6b08fdc7c40ba1264fe7e1bd76027cc962d05f18c04351
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cdee7f38217e316bb4f8b87da6345c7dc1901fb1f7f4af7c453fc149343afe5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b902d4a1edda7fca6456bf3452909a328b134483e2124b1c0a030fddaf499b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a40e8992434e535b62d75d7e4b6094b82b407cc034fef81975281c39ecfb2cba
a41aa6181ca08937de11eee721860701ee7e1b1d7050bd6d4350d14f29eaafef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690612af8983b689a75a9e58497bb45a06c2c09430f8c2308366ba77e09407b
a6d8bdaa3aa2faef258cab77911cb0c974c1da4ad88edac570deb2320341161c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f82463e9e98ffd7782b239ee71fee00103e68b4f0c27a2ce16f6c91eb1551a
b865c56c4ad5dcba27c8548903262a68eacdb2728a6095b31802eb54178be5b2
ba4e8708b7c90bec734aab7a8530cc90374bfc13a96714e3cbf4dc9583dd3392
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8407fe752e34b4bb4a770b71757bcfff7c3209e500b1f2c366a4daa2d7f5f4
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
bee2c5e2a31868cbe503c8b91d964a71e7ae6ec100753a5bc4b59f5c2a9d4c60
bfc8ae749acf76a865a5cf8ea6da7d9ff6247d1dc1fec1477197f3603af80f89
c06bb7367188863b6c828ff2788f0b782ac995b6178fc53b92af5c75d449551b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
cbe3d447509bcba10918feab119c9540a97c6eb498450f231903e80c9c8e5c7f
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
ce795d24724e49e16344036d57d179a93183e3d0c8faf0688139cc58d35d018f
cee9ee9c76292f7dd906f013e312ae23e92e67d93ecb66a6941d33e9e4c786f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d5d2d371a727dced75538c04972ae4ed978402937763c4eb78291954fbef7322
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e06b3a957380d49aeade8c04d425aabd8aa9690b1e7d9803d4f0a6a85f76916b
e0a104fbbee2e540bada9deeb913d367f345ffc77ab96ae1713d3486e2763418
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9
e6c4445c817f91c6bb63c24449617a725313ca38bd562ddc5ebc3844e05f6baf
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8c1c4efe9cfb7153f0fce2f6217d65521daeceb0c4c8c42c20c018f10e4ea8f
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
ea04bc7caf56a05b359e082b41eab2542ff2fa0c51666607daba81fe29eccbe9
eb4b12c0cb69834976c26e8f915a121982bd6a72af780109a93e160b6cd1b112
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f5d10b88f7de829571588813ed51636bfdf0e0c651362e5c5d20762cb07dfe34
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fa0aa1507580b2dc07a90dcbf69c0df1335349e705f103034dec02a2b66f593e
fb54d3a759090684587336727e28cd7f40e3d6e896e5a133a1fbc977b381217a
fd7956a83701dec41d13ac20c925f2c82f5b519de129ad1a399022bdee3f8121
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e